Fortios v0.0.6, Jul 9 24

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.vpn/certificate.Local

Explore with Pulumi AI

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

Create Local Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Local(name: string, args?: LocalArgs, opts?: CustomResourceOptions);

@overload
def Local(resource_name: str,
          args: Optional[LocalArgs] = None,
          opts: Optional[ResourceOptions] = None)

@overload
def Local(resource_name: str,
          opts: Optional[ResourceOptions] = None,
          acme_ca_url: Optional[str] = None,
          acme_domain: Optional[str] = None,
          acme_email: Optional[str] = None,
          acme_renew_window: Optional[int] = None,
          acme_rsa_key_size: Optional[int] = None,
          auto_regenerate_days: Optional[int] = None,
          auto_regenerate_days_warning: Optional[int] = None,
          ca_identifier: Optional[str] = None,
          certificate: Optional[str] = None,
          cmp_path: Optional[str] = None,
          cmp_regeneration_method: Optional[str] = None,
          cmp_server: Optional[str] = None,
          cmp_server_cert: Optional[str] = None,
          comments: Optional[str] = None,
          csr: Optional[str] = None,
          enroll_protocol: Optional[str] = None,
          est_ca_id: Optional[str] = None,
          est_client_cert: Optional[str] = None,
          est_http_password: Optional[str] = None,
          est_http_username: Optional[str] = None,
          est_server: Optional[str] = None,
          est_server_cert: Optional[str] = None,
          est_srp_password: Optional[str] = None,
          est_srp_username: Optional[str] = None,
          ike_localid: Optional[str] = None,
          ike_localid_type: Optional[str] = None,
          last_updated: Optional[int] = None,
          name: Optional[str] = None,
          name_encoding: Optional[str] = None,
          password: Optional[str] = None,
          private_key: Optional[str] = None,
          private_key_retain: Optional[str] = None,
          range: Optional[str] = None,
          scep_password: Optional[str] = None,
          scep_url: Optional[str] = None,
          source: Optional[str] = None,
          source_ip: Optional[str] = None,
          state: Optional[str] = None,
          vdomparam: Optional[str] = None)

func NewLocal(ctx *Context, name string, args *LocalArgs, opts ...ResourceOption) (*Local, error)

public Local(string name, LocalArgs? args = null, CustomResourceOptions? opts = null)

public Local(String name, LocalArgs args)
public Local(String name, LocalArgs args, CustomResourceOptions options)

type: fortios:vpn/certificate/local:Local
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args LocalArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args LocalArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args LocalArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args LocalArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args LocalArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Local Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Local resource accepts the following input properties:

AcmeCaUrl string: The URL for the ACME CA server (Let's Encrypt is the default provider).
AcmeDomain string: A valid domain that resolves to this Fortigate.
AcmeEmail string: Contact email address that is required by some CAs like LetsEncrypt.
AcmeRenewWindow int: Beginning of the renewal window (in days before certificate expiration, 30 by default).
AcmeRsaKeySize int: Length of the RSA private key of the generated cert (Minimum 2048 bits).
AutoRegenerateDays int: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
AutoRegenerateDaysWarning int: Number of days to wait before an expiry warning message is generated (0 = disabled).
CaIdentifier string: CA identifier of the CA server for signing via SCEP.
Certificate string: PEM format certificate.
CmpPath string: Path location inside CMP server.
CmpRegenerationMethod string: CMP auto-regeneration method. Valid values: keyupate, renewal.
CmpServer string: Address and port for CMP server (format = address:port).
CmpServerCert string: CMP server certificate.
Comments string: Comment.
Csr string: Certificate Signing Request.
EnrollProtocol string: Certificate enrollment protocol.
EstCaId string: CA identifier of the CA server for signing via EST.
EstClientCert string: Certificate used to authenticate this FortiGate to EST server.
EstHttpPassword string: HTTP Authentication password for signing via EST.
EstHttpUsername string: HTTP Authentication username for signing via EST.
EstServer string: Address and port for EST server (e.g. https://example.com:1234).
EstServerCert string: EST server's certificate must be verifiable by this certificate to be authenticated.
EstSrpPassword string: EST SRP authentication password.
EstSrpUsername string: EST SRP authentication username.
IkeLocalid string: Local ID the FortiGate uses for authentication as a VPN client.
IkeLocalidType string: IKE local ID type. Valid values: asn1dn, fqdn.
LastUpdated int: Time at which certificate was last updated.
Name string: Name.
NameEncoding string: Name encoding method for auto-regeneration. Valid values: printable, utf8.
Password string: Password as a PEM file.
PrivateKey string: PEM format key, encrypted with a password.
PrivateKeyRetain string: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
Range string: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
ScepPassword string: SCEP server challenge password for auto-regeneration.
ScepUrl string: SCEP server URL.
Source string: Certificate source type.
SourceIp string: Source IP address for communications to the SCEP server.
State string: Certificate Signing Request State.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

AcmeCaUrl string: The URL for the ACME CA server (Let's Encrypt is the default provider).
AcmeDomain string: A valid domain that resolves to this Fortigate.
AcmeEmail string: Contact email address that is required by some CAs like LetsEncrypt.
AcmeRenewWindow int: Beginning of the renewal window (in days before certificate expiration, 30 by default).
AcmeRsaKeySize int: Length of the RSA private key of the generated cert (Minimum 2048 bits).
AutoRegenerateDays int: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
AutoRegenerateDaysWarning int: Number of days to wait before an expiry warning message is generated (0 = disabled).
CaIdentifier string: CA identifier of the CA server for signing via SCEP.
Certificate string: PEM format certificate.
CmpPath string: Path location inside CMP server.
CmpRegenerationMethod string: CMP auto-regeneration method. Valid values: keyupate, renewal.
CmpServer string: Address and port for CMP server (format = address:port).
CmpServerCert string: CMP server certificate.
Comments string: Comment.
Csr string: Certificate Signing Request.
EnrollProtocol string: Certificate enrollment protocol.
EstCaId string: CA identifier of the CA server for signing via EST.
EstClientCert string: Certificate used to authenticate this FortiGate to EST server.
EstHttpPassword string: HTTP Authentication password for signing via EST.
EstHttpUsername string: HTTP Authentication username for signing via EST.
EstServer string: Address and port for EST server (e.g. https://example.com:1234).
EstServerCert string: EST server's certificate must be verifiable by this certificate to be authenticated.
EstSrpPassword string: EST SRP authentication password.
EstSrpUsername string: EST SRP authentication username.
IkeLocalid string: Local ID the FortiGate uses for authentication as a VPN client.
IkeLocalidType string: IKE local ID type. Valid values: asn1dn, fqdn.
LastUpdated int: Time at which certificate was last updated.
Name string: Name.
NameEncoding string: Name encoding method for auto-regeneration. Valid values: printable, utf8.
Password string: Password as a PEM file.
PrivateKey string: PEM format key, encrypted with a password.
PrivateKeyRetain string: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
Range string: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
ScepPassword string: SCEP server challenge password for auto-regeneration.
ScepUrl string: SCEP server URL.
Source string: Certificate source type.
SourceIp string: Source IP address for communications to the SCEP server.
State string: Certificate Signing Request State.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acmeCaUrl String: The URL for the ACME CA server (Let's Encrypt is the default provider).
acmeDomain String: A valid domain that resolves to this Fortigate.
acmeEmail String: Contact email address that is required by some CAs like LetsEncrypt.
acmeRenewWindow Integer: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acmeRsaKeySize Integer: Length of the RSA private key of the generated cert (Minimum 2048 bits).
autoRegenerateDays Integer: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
autoRegenerateDaysWarning Integer: Number of days to wait before an expiry warning message is generated (0 = disabled).
caIdentifier String: CA identifier of the CA server for signing via SCEP.
certificate String: PEM format certificate.
cmpPath String: Path location inside CMP server.
cmpRegenerationMethod String: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmpServer String: Address and port for CMP server (format = address:port).
cmpServerCert String: CMP server certificate.
comments String: Comment.
csr String: Certificate Signing Request.
enrollProtocol String: Certificate enrollment protocol.
estCaId String: CA identifier of the CA server for signing via EST.
estClientCert String: Certificate used to authenticate this FortiGate to EST server.
estHttpPassword String: HTTP Authentication password for signing via EST.
estHttpUsername String: HTTP Authentication username for signing via EST.
estServer String: Address and port for EST server (e.g. https://example.com:1234).
estServerCert String: EST server's certificate must be verifiable by this certificate to be authenticated.
estSrpPassword String: EST SRP authentication password.
estSrpUsername String: EST SRP authentication username.
ikeLocalid String: Local ID the FortiGate uses for authentication as a VPN client.
ikeLocalidType String: IKE local ID type. Valid values: asn1dn, fqdn.
lastUpdated Integer: Time at which certificate was last updated.
name String: Name.
nameEncoding String: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password String: Password as a PEM file.
privateKey String: PEM format key, encrypted with a password.
privateKeyRetain String: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range String: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scepPassword String: SCEP server challenge password for auto-regeneration.
scepUrl String: SCEP server URL.
source String: Certificate source type.
sourceIp String: Source IP address for communications to the SCEP server.
state String: Certificate Signing Request State.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acmeCaUrl string: The URL for the ACME CA server (Let's Encrypt is the default provider).
acmeDomain string: A valid domain that resolves to this Fortigate.
acmeEmail string: Contact email address that is required by some CAs like LetsEncrypt.
acmeRenewWindow number: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acmeRsaKeySize number: Length of the RSA private key of the generated cert (Minimum 2048 bits).
autoRegenerateDays number: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
autoRegenerateDaysWarning number: Number of days to wait before an expiry warning message is generated (0 = disabled).
caIdentifier string: CA identifier of the CA server for signing via SCEP.
certificate string: PEM format certificate.
cmpPath string: Path location inside CMP server.
cmpRegenerationMethod string: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmpServer string: Address and port for CMP server (format = address:port).
cmpServerCert string: CMP server certificate.
comments string: Comment.
csr string: Certificate Signing Request.
enrollProtocol string: Certificate enrollment protocol.
estCaId string: CA identifier of the CA server for signing via EST.
estClientCert string: Certificate used to authenticate this FortiGate to EST server.
estHttpPassword string: HTTP Authentication password for signing via EST.
estHttpUsername string: HTTP Authentication username for signing via EST.
estServer string: Address and port for EST server (e.g. https://example.com:1234).
estServerCert string: EST server's certificate must be verifiable by this certificate to be authenticated.
estSrpPassword string: EST SRP authentication password.
estSrpUsername string: EST SRP authentication username.
ikeLocalid string: Local ID the FortiGate uses for authentication as a VPN client.
ikeLocalidType string: IKE local ID type. Valid values: asn1dn, fqdn.
lastUpdated number: Time at which certificate was last updated.
name string: Name.
nameEncoding string: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password string: Password as a PEM file.
privateKey string: PEM format key, encrypted with a password.
privateKeyRetain string: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range string: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scepPassword string: SCEP server challenge password for auto-regeneration.
scepUrl string: SCEP server URL.
source string: Certificate source type.
sourceIp string: Source IP address for communications to the SCEP server.
state string: Certificate Signing Request State.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acme_ca_url str: The URL for the ACME CA server (Let's Encrypt is the default provider).
acme_domain str: A valid domain that resolves to this Fortigate.
acme_email str: Contact email address that is required by some CAs like LetsEncrypt.
acme_renew_window int: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acme_rsa_key_size int: Length of the RSA private key of the generated cert (Minimum 2048 bits).
auto_regenerate_days int: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
auto_regenerate_days_warning int: Number of days to wait before an expiry warning message is generated (0 = disabled).
ca_identifier str: CA identifier of the CA server for signing via SCEP.
certificate str: PEM format certificate.
cmp_path str: Path location inside CMP server.
cmp_regeneration_method str: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmp_server str: Address and port for CMP server (format = address:port).
cmp_server_cert str: CMP server certificate.
comments str: Comment.
csr str: Certificate Signing Request.
enroll_protocol str: Certificate enrollment protocol.
est_ca_id str: CA identifier of the CA server for signing via EST.
est_client_cert str: Certificate used to authenticate this FortiGate to EST server.
est_http_password str: HTTP Authentication password for signing via EST.
est_http_username str: HTTP Authentication username for signing via EST.
est_server str: Address and port for EST server (e.g. https://example.com:1234).
est_server_cert str: EST server's certificate must be verifiable by this certificate to be authenticated.
est_srp_password str: EST SRP authentication password.
est_srp_username str: EST SRP authentication username.
ike_localid str: Local ID the FortiGate uses for authentication as a VPN client.
ike_localid_type str: IKE local ID type. Valid values: asn1dn, fqdn.
last_updated int: Time at which certificate was last updated.
name str: Name.
name_encoding str: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password str: Password as a PEM file.
private_key str: PEM format key, encrypted with a password.
private_key_retain str: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range str: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scep_password str: SCEP server challenge password for auto-regeneration.
scep_url str: SCEP server URL.
source str: Certificate source type.
source_ip str: Source IP address for communications to the SCEP server.
state str: Certificate Signing Request State.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acmeCaUrl String: The URL for the ACME CA server (Let's Encrypt is the default provider).
acmeDomain String: A valid domain that resolves to this Fortigate.
acmeEmail String: Contact email address that is required by some CAs like LetsEncrypt.
acmeRenewWindow Number: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acmeRsaKeySize Number: Length of the RSA private key of the generated cert (Minimum 2048 bits).
autoRegenerateDays Number: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
autoRegenerateDaysWarning Number: Number of days to wait before an expiry warning message is generated (0 = disabled).
caIdentifier String: CA identifier of the CA server for signing via SCEP.
certificate String: PEM format certificate.
cmpPath String: Path location inside CMP server.
cmpRegenerationMethod String: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmpServer String: Address and port for CMP server (format = address:port).
cmpServerCert String: CMP server certificate.
comments String: Comment.
csr String: Certificate Signing Request.
enrollProtocol String: Certificate enrollment protocol.
estCaId String: CA identifier of the CA server for signing via EST.
estClientCert String: Certificate used to authenticate this FortiGate to EST server.
estHttpPassword String: HTTP Authentication password for signing via EST.
estHttpUsername String: HTTP Authentication username for signing via EST.
estServer String: Address and port for EST server (e.g. https://example.com:1234).
estServerCert String: EST server's certificate must be verifiable by this certificate to be authenticated.
estSrpPassword String: EST SRP authentication password.
estSrpUsername String: EST SRP authentication username.
ikeLocalid String: Local ID the FortiGate uses for authentication as a VPN client.
ikeLocalidType String: IKE local ID type. Valid values: asn1dn, fqdn.
lastUpdated Number: Time at which certificate was last updated.
name String: Name.
nameEncoding String: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password String: Password as a PEM file.
privateKey String: PEM format key, encrypted with a password.
privateKeyRetain String: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range String: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scepPassword String: SCEP server challenge password for auto-regeneration.
scepUrl String: SCEP server URL.
source String: Certificate source type.
sourceIp String: Source IP address for communications to the SCEP server.
state String: Certificate Signing Request State.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Outputs

All input properties are implicitly available as output properties. Additionally, the Local resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Local Resource

Get an existing Local resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: LocalState, opts?: CustomResourceOptions): Local

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        acme_ca_url: Optional[str] = None,
        acme_domain: Optional[str] = None,
        acme_email: Optional[str] = None,
        acme_renew_window: Optional[int] = None,
        acme_rsa_key_size: Optional[int] = None,
        auto_regenerate_days: Optional[int] = None,
        auto_regenerate_days_warning: Optional[int] = None,
        ca_identifier: Optional[str] = None,
        certificate: Optional[str] = None,
        cmp_path: Optional[str] = None,
        cmp_regeneration_method: Optional[str] = None,
        cmp_server: Optional[str] = None,
        cmp_server_cert: Optional[str] = None,
        comments: Optional[str] = None,
        csr: Optional[str] = None,
        enroll_protocol: Optional[str] = None,
        est_ca_id: Optional[str] = None,
        est_client_cert: Optional[str] = None,
        est_http_password: Optional[str] = None,
        est_http_username: Optional[str] = None,
        est_server: Optional[str] = None,
        est_server_cert: Optional[str] = None,
        est_srp_password: Optional[str] = None,
        est_srp_username: Optional[str] = None,
        ike_localid: Optional[str] = None,
        ike_localid_type: Optional[str] = None,
        last_updated: Optional[int] = None,
        name: Optional[str] = None,
        name_encoding: Optional[str] = None,
        password: Optional[str] = None,
        private_key: Optional[str] = None,
        private_key_retain: Optional[str] = None,
        range: Optional[str] = None,
        scep_password: Optional[str] = None,
        scep_url: Optional[str] = None,
        source: Optional[str] = None,
        source_ip: Optional[str] = None,
        state: Optional[str] = None,
        vdomparam: Optional[str] = None) -> Local

func GetLocal(ctx *Context, name string, id IDInput, state *LocalState, opts ...ResourceOption) (*Local, error)

public static Local Get(string name, Input<string> id, LocalState? state, CustomResourceOptions? opts = null)

public static Local get(String name, Output<String> id, LocalState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AcmeCaUrl string: The URL for the ACME CA server (Let's Encrypt is the default provider).
AcmeDomain string: A valid domain that resolves to this Fortigate.
AcmeEmail string: Contact email address that is required by some CAs like LetsEncrypt.
AcmeRenewWindow int: Beginning of the renewal window (in days before certificate expiration, 30 by default).
AcmeRsaKeySize int: Length of the RSA private key of the generated cert (Minimum 2048 bits).
AutoRegenerateDays int: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
AutoRegenerateDaysWarning int: Number of days to wait before an expiry warning message is generated (0 = disabled).
CaIdentifier string: CA identifier of the CA server for signing via SCEP.
Certificate string: PEM format certificate.
CmpPath string: Path location inside CMP server.
CmpRegenerationMethod string: CMP auto-regeneration method. Valid values: keyupate, renewal.
CmpServer string: Address and port for CMP server (format = address:port).
CmpServerCert string: CMP server certificate.
Comments string: Comment.
Csr string: Certificate Signing Request.
EnrollProtocol string: Certificate enrollment protocol.
EstCaId string: CA identifier of the CA server for signing via EST.
EstClientCert string: Certificate used to authenticate this FortiGate to EST server.
EstHttpPassword string: HTTP Authentication password for signing via EST.
EstHttpUsername string: HTTP Authentication username for signing via EST.
EstServer string: Address and port for EST server (e.g. https://example.com:1234).
EstServerCert string: EST server's certificate must be verifiable by this certificate to be authenticated.
EstSrpPassword string: EST SRP authentication password.
EstSrpUsername string: EST SRP authentication username.
IkeLocalid string: Local ID the FortiGate uses for authentication as a VPN client.
IkeLocalidType string: IKE local ID type. Valid values: asn1dn, fqdn.
LastUpdated int: Time at which certificate was last updated.
Name string: Name.
NameEncoding string: Name encoding method for auto-regeneration. Valid values: printable, utf8.
Password string: Password as a PEM file.
PrivateKey string: PEM format key, encrypted with a password.
PrivateKeyRetain string: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
Range string: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
ScepPassword string: SCEP server challenge password for auto-regeneration.
ScepUrl string: SCEP server URL.
Source string: Certificate source type.
SourceIp string: Source IP address for communications to the SCEP server.
State string: Certificate Signing Request State.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

AcmeCaUrl string: The URL for the ACME CA server (Let's Encrypt is the default provider).
AcmeDomain string: A valid domain that resolves to this Fortigate.
AcmeEmail string: Contact email address that is required by some CAs like LetsEncrypt.
AcmeRenewWindow int: Beginning of the renewal window (in days before certificate expiration, 30 by default).
AcmeRsaKeySize int: Length of the RSA private key of the generated cert (Minimum 2048 bits).
AutoRegenerateDays int: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
AutoRegenerateDaysWarning int: Number of days to wait before an expiry warning message is generated (0 = disabled).
CaIdentifier string: CA identifier of the CA server for signing via SCEP.
Certificate string: PEM format certificate.
CmpPath string: Path location inside CMP server.
CmpRegenerationMethod string: CMP auto-regeneration method. Valid values: keyupate, renewal.
CmpServer string: Address and port for CMP server (format = address:port).
CmpServerCert string: CMP server certificate.
Comments string: Comment.
Csr string: Certificate Signing Request.
EnrollProtocol string: Certificate enrollment protocol.
EstCaId string: CA identifier of the CA server for signing via EST.
EstClientCert string: Certificate used to authenticate this FortiGate to EST server.
EstHttpPassword string: HTTP Authentication password for signing via EST.
EstHttpUsername string: HTTP Authentication username for signing via EST.
EstServer string: Address and port for EST server (e.g. https://example.com:1234).
EstServerCert string: EST server's certificate must be verifiable by this certificate to be authenticated.
EstSrpPassword string: EST SRP authentication password.
EstSrpUsername string: EST SRP authentication username.
IkeLocalid string: Local ID the FortiGate uses for authentication as a VPN client.
IkeLocalidType string: IKE local ID type. Valid values: asn1dn, fqdn.
LastUpdated int: Time at which certificate was last updated.
Name string: Name.
NameEncoding string: Name encoding method for auto-regeneration. Valid values: printable, utf8.
Password string: Password as a PEM file.
PrivateKey string: PEM format key, encrypted with a password.
PrivateKeyRetain string: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
Range string: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
ScepPassword string: SCEP server challenge password for auto-regeneration.
ScepUrl string: SCEP server URL.
Source string: Certificate source type.
SourceIp string: Source IP address for communications to the SCEP server.
State string: Certificate Signing Request State.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acmeCaUrl String: The URL for the ACME CA server (Let's Encrypt is the default provider).
acmeDomain String: A valid domain that resolves to this Fortigate.
acmeEmail String: Contact email address that is required by some CAs like LetsEncrypt.
acmeRenewWindow Integer: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acmeRsaKeySize Integer: Length of the RSA private key of the generated cert (Minimum 2048 bits).
autoRegenerateDays Integer: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
autoRegenerateDaysWarning Integer: Number of days to wait before an expiry warning message is generated (0 = disabled).
caIdentifier String: CA identifier of the CA server for signing via SCEP.
certificate String: PEM format certificate.
cmpPath String: Path location inside CMP server.
cmpRegenerationMethod String: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmpServer String: Address and port for CMP server (format = address:port).
cmpServerCert String: CMP server certificate.
comments String: Comment.
csr String: Certificate Signing Request.
enrollProtocol String: Certificate enrollment protocol.
estCaId String: CA identifier of the CA server for signing via EST.
estClientCert String: Certificate used to authenticate this FortiGate to EST server.
estHttpPassword String: HTTP Authentication password for signing via EST.
estHttpUsername String: HTTP Authentication username for signing via EST.
estServer String: Address and port for EST server (e.g. https://example.com:1234).
estServerCert String: EST server's certificate must be verifiable by this certificate to be authenticated.
estSrpPassword String: EST SRP authentication password.
estSrpUsername String: EST SRP authentication username.
ikeLocalid String: Local ID the FortiGate uses for authentication as a VPN client.
ikeLocalidType String: IKE local ID type. Valid values: asn1dn, fqdn.
lastUpdated Integer: Time at which certificate was last updated.
name String: Name.
nameEncoding String: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password String: Password as a PEM file.
privateKey String: PEM format key, encrypted with a password.
privateKeyRetain String: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range String: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scepPassword String: SCEP server challenge password for auto-regeneration.
scepUrl String: SCEP server URL.
source String: Certificate source type.
sourceIp String: Source IP address for communications to the SCEP server.
state String: Certificate Signing Request State.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acmeCaUrl string: The URL for the ACME CA server (Let's Encrypt is the default provider).
acmeDomain string: A valid domain that resolves to this Fortigate.
acmeEmail string: Contact email address that is required by some CAs like LetsEncrypt.
acmeRenewWindow number: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acmeRsaKeySize number: Length of the RSA private key of the generated cert (Minimum 2048 bits).
autoRegenerateDays number: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
autoRegenerateDaysWarning number: Number of days to wait before an expiry warning message is generated (0 = disabled).
caIdentifier string: CA identifier of the CA server for signing via SCEP.
certificate string: PEM format certificate.
cmpPath string: Path location inside CMP server.
cmpRegenerationMethod string: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmpServer string: Address and port for CMP server (format = address:port).
cmpServerCert string: CMP server certificate.
comments string: Comment.
csr string: Certificate Signing Request.
enrollProtocol string: Certificate enrollment protocol.
estCaId string: CA identifier of the CA server for signing via EST.
estClientCert string: Certificate used to authenticate this FortiGate to EST server.
estHttpPassword string: HTTP Authentication password for signing via EST.
estHttpUsername string: HTTP Authentication username for signing via EST.
estServer string: Address and port for EST server (e.g. https://example.com:1234).
estServerCert string: EST server's certificate must be verifiable by this certificate to be authenticated.
estSrpPassword string: EST SRP authentication password.
estSrpUsername string: EST SRP authentication username.
ikeLocalid string: Local ID the FortiGate uses for authentication as a VPN client.
ikeLocalidType string: IKE local ID type. Valid values: asn1dn, fqdn.
lastUpdated number: Time at which certificate was last updated.
name string: Name.
nameEncoding string: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password string: Password as a PEM file.
privateKey string: PEM format key, encrypted with a password.
privateKeyRetain string: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range string: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scepPassword string: SCEP server challenge password for auto-regeneration.
scepUrl string: SCEP server URL.
source string: Certificate source type.
sourceIp string: Source IP address for communications to the SCEP server.
state string: Certificate Signing Request State.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acme_ca_url str: The URL for the ACME CA server (Let's Encrypt is the default provider).
acme_domain str: A valid domain that resolves to this Fortigate.
acme_email str: Contact email address that is required by some CAs like LetsEncrypt.
acme_renew_window int: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acme_rsa_key_size int: Length of the RSA private key of the generated cert (Minimum 2048 bits).
auto_regenerate_days int: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
auto_regenerate_days_warning int: Number of days to wait before an expiry warning message is generated (0 = disabled).
ca_identifier str: CA identifier of the CA server for signing via SCEP.
certificate str: PEM format certificate.
cmp_path str: Path location inside CMP server.
cmp_regeneration_method str: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmp_server str: Address and port for CMP server (format = address:port).
cmp_server_cert str: CMP server certificate.
comments str: Comment.
csr str: Certificate Signing Request.
enroll_protocol str: Certificate enrollment protocol.
est_ca_id str: CA identifier of the CA server for signing via EST.
est_client_cert str: Certificate used to authenticate this FortiGate to EST server.
est_http_password str: HTTP Authentication password for signing via EST.
est_http_username str: HTTP Authentication username for signing via EST.
est_server str: Address and port for EST server (e.g. https://example.com:1234).
est_server_cert str: EST server's certificate must be verifiable by this certificate to be authenticated.
est_srp_password str: EST SRP authentication password.
est_srp_username str: EST SRP authentication username.
ike_localid str: Local ID the FortiGate uses for authentication as a VPN client.
ike_localid_type str: IKE local ID type. Valid values: asn1dn, fqdn.
last_updated int: Time at which certificate was last updated.
name str: Name.
name_encoding str: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password str: Password as a PEM file.
private_key str: PEM format key, encrypted with a password.
private_key_retain str: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range str: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scep_password str: SCEP server challenge password for auto-regeneration.
scep_url str: SCEP server URL.
source str: Certificate source type.
source_ip str: Source IP address for communications to the SCEP server.
state str: Certificate Signing Request State.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

acmeCaUrl String: The URL for the ACME CA server (Let's Encrypt is the default provider).
acmeDomain String: A valid domain that resolves to this Fortigate.
acmeEmail String: Contact email address that is required by some CAs like LetsEncrypt.
acmeRenewWindow Number: Beginning of the renewal window (in days before certificate expiration, 30 by default).
acmeRsaKeySize Number: Length of the RSA private key of the generated cert (Minimum 2048 bits).
autoRegenerateDays Number: Number of days to wait before expiry of an updated local certificate is requested (0 = disabled).
autoRegenerateDaysWarning Number: Number of days to wait before an expiry warning message is generated (0 = disabled).
caIdentifier String: CA identifier of the CA server for signing via SCEP.
certificate String: PEM format certificate.
cmpPath String: Path location inside CMP server.
cmpRegenerationMethod String: CMP auto-regeneration method. Valid values: keyupate, renewal.
cmpServer String: Address and port for CMP server (format = address:port).
cmpServerCert String: CMP server certificate.
comments String: Comment.
csr String: Certificate Signing Request.
enrollProtocol String: Certificate enrollment protocol.
estCaId String: CA identifier of the CA server for signing via EST.
estClientCert String: Certificate used to authenticate this FortiGate to EST server.
estHttpPassword String: HTTP Authentication password for signing via EST.
estHttpUsername String: HTTP Authentication username for signing via EST.
estServer String: Address and port for EST server (e.g. https://example.com:1234).
estServerCert String: EST server's certificate must be verifiable by this certificate to be authenticated.
estSrpPassword String: EST SRP authentication password.
estSrpUsername String: EST SRP authentication username.
ikeLocalid String: Local ID the FortiGate uses for authentication as a VPN client.
ikeLocalidType String: IKE local ID type. Valid values: asn1dn, fqdn.
lastUpdated Number: Time at which certificate was last updated.
name String: Name.
nameEncoding String: Name encoding method for auto-regeneration. Valid values: printable, utf8.
password String: Password as a PEM file.
privateKey String: PEM format key, encrypted with a password.
privateKeyRetain String: Enable/disable retention of private key during SCEP renewal (default = disable). Valid values: enable, disable.
range String: Either a global or VDOM IP address range for the certificate. Valid values: global, vdom.
scepPassword String: SCEP server challenge password for auto-regeneration.
scepUrl String: SCEP server URL.
source String: Certificate source type.
sourceIp String: Source IP address for communications to the SCEP server.
state String: Certificate Signing Request State.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Import

VpnCertificate Local can be imported using any of these accepted formats:

$ pulumi import fortios:vpn/certificate/local:Local labelname {{name}}

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:vpn/certificate/local:Local labelname {{name}}

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.vpn/certificate.Local

On this page

On this page

Create Local Resource

Constructor syntax

Parameters

Local Resource Properties

Inputs

Outputs

Look up Existing Local Resource

Import

Package Details

On this page

On this page