Order

acme.cert-manager.io / v1

apiVersion: acme.cert-manager.io/v1 kind: Order metadata: name: example

apiVersion string

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kind string

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadata object required

spec object required

commonName string

CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR.

dnsNames []string

DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR.

duration string

Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec.

ipAddresses []string

IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR.

issuerRef object required

IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed.

group string

Group of the issuer being referred to. Defaults to 'cert-manager.io'.

kind string

Kind of the issuer being referred to. Defaults to 'Issuer'.

name string required

Name of the issuer being referred to.

profile string

Profile allows requesting a certificate profile from the ACME server. Supported profiles are listed by the server's ACME directory URL.

request string required

Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order.

format: byte

status object

authorizations []object

Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order.

challenges []object

Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process.

token string required

Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented.

type string required

Type is the type of challenge being offered, e.g., 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored.

url string required

URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server.

identifier string

Identifier is the DNS name to be validated as part of this authorization

initialState string

InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created.

enum: valid, ready, pending, processing, invalid, expired, errored

url string required

URL is the URL of the Authorization that must be completed

wildcard boolean

Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'.

certificate string

Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state.

format: byte

failureTime string

FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off.

format: date-time

finalizeURL string

FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed.

reason string

Reason optionally provides more information about a why the order is in the current state.

state string

State contains the current state of this Order resource. States 'success' and 'expired' are 'final'

enum: valid, ready, pending, processing, invalid, expired, errored

url string

URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set.

No matches. Try .spec.commonName for an exact path