import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * Manages ACME SSL certificates for Proxmox VE nodes.
 *
 * This resource orders and renews certificates from an ACME Certificate Authority (like Let's Encrypt) for a specific node. Before using this resource, ensure that:
 * - An ACME account is configured (using `proxmoxve.acme.Account`)
 * - DNS plugins are configured if using DNS-01 challenge (using `proxmoxve.acme/dns.Plugin`)
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as proxmoxve from "@muhlba91/pulumi-proxmoxve";
 *
 * // Example: Basic ACME certificate with HTTP-01 challenge (standalone)
 * const example = new proxmoxve.acme.Account("example", {
 *     name: "production",
 *     contact: "admin@example.com",
 *     directory: "https://acme-v02.api.letsencrypt.org/directory",
 *     tos: "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
 * });
 * const httpExample = new proxmoxve.acme.Certificate("http_example", {
 *     nodeName: "pve-node-01",
 *     account: example.name,
 *     domains: [{
 *         domain: "pve.example.com",
 *     }],
 * });
 * // Example: ACME certificate with DNS-01 challenge using Cloudflare
 * const cloudflare = new proxmoxve.acme.dns.Plugin("cloudflare", {
 *     plugin: "cloudflare",
 *     api: "cf",
 *     validationDelay: 120,
 *     data: {
 *         CF_Account_ID: "your-cloudflare-account-id",
 *         CF_Token: "your-cloudflare-api-token",
 *         CF_Zone_ID: "your-cloudflare-zone-id",
 *     },
 * });
 * const dnsExample = new proxmoxve.acme.Certificate("dns_example", {
 *     nodeName: "pve-node-01",
 *     account: example.name,
 *     domains: [{
 *         domain: "pve.example.com",
 *         plugin: cloudflare.plugin,
 *     }],
 * }, {
 *     dependsOn: [
 *         example,
 *         cloudflare,
 *     ],
 * });
 * // Example: Force certificate renewal
 * const forceRenew = new proxmoxve.acme.Certificate("force_renew", {
 *     nodeName: "pve-node-01",
 *     account: example.name,
 *     force: true,
 *     domains: [{
 *         domain: "pve.example.com",
 *         plugin: cloudflare.plugin,
 *     }],
 * }, {
 *     dependsOn: [
 *         example,
 *         cloudflare,
 *     ],
 * });
 * ```
 *
 * ## Import
 *
 * !/usr/bin/env sh
 * ACME certificates can be imported using the node name, e.g.:
 *
 * ```sh
 * $ pulumi import proxmoxve:acme/certificate:Certificate example pve-node-01
 * ```
 */
export declare class Certificate extends pulumi.CustomResource {
    /**
     * Get an existing Certificate resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CertificateState, opts?: pulumi.CustomResourceOptions): Certificate;
    /**
     * Returns true if the given object is an instance of Certificate.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is Certificate;
    /**
     * The ACME account name to use for ordering the certificate.
     */
    readonly account: pulumi.Output<string>;
    /**
     * The PEM-encoded certificate data.
     */
    readonly certificate: pulumi.Output<string>;
    /**
     * The list of domains to include in the certificate. At least one domain is required.
     */
    readonly domains: pulumi.Output<outputs.acme.CertificateDomain[]>;
    /**
     * The certificate fingerprint.
     */
    readonly fingerprint: pulumi.Output<string>;
    /**
     * Force certificate renewal even if the certificate is not due for renewal yet. Setting this to true will trigger a new certificate order on every apply.
     */
    readonly force: pulumi.Output<boolean>;
    /**
     * The certificate issuer.
     */
    readonly issuer: pulumi.Output<string>;
    /**
     * The name of the Proxmox VE node for which to order/manage the ACME certificate.
     */
    readonly nodeName: pulumi.Output<string>;
    /**
     * The certificate expiration timestamp.
     */
    readonly notAfter: pulumi.Output<string>;
    /**
     * The certificate start timestamp.
     */
    readonly notBefore: pulumi.Output<string>;
    /**
     * The certificate subject.
     */
    readonly subject: pulumi.Output<string>;
    /**
     * The certificate subject alternative names (SANs).
     */
    readonly subjectAlternativeNames: pulumi.Output<string[]>;
    /**
     * Create a Certificate resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: CertificateArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering Certificate resources.
 */
export interface CertificateState {
    /**
     * The ACME account name to use for ordering the certificate.
     */
    account?: pulumi.Input<string | undefined>;
    /**
     * The PEM-encoded certificate data.
     */
    certificate?: pulumi.Input<string | undefined>;
    /**
     * The list of domains to include in the certificate. At least one domain is required.
     */
    domains?: pulumi.Input<pulumi.Input<inputs.acme.CertificateDomain>[] | undefined>;
    /**
     * The certificate fingerprint.
     */
    fingerprint?: pulumi.Input<string | undefined>;
    /**
     * Force certificate renewal even if the certificate is not due for renewal yet. Setting this to true will trigger a new certificate order on every apply.
     */
    force?: pulumi.Input<boolean | undefined>;
    /**
     * The certificate issuer.
     */
    issuer?: pulumi.Input<string | undefined>;
    /**
     * The name of the Proxmox VE node for which to order/manage the ACME certificate.
     */
    nodeName?: pulumi.Input<string | undefined>;
    /**
     * The certificate expiration timestamp.
     */
    notAfter?: pulumi.Input<string | undefined>;
    /**
     * The certificate start timestamp.
     */
    notBefore?: pulumi.Input<string | undefined>;
    /**
     * The certificate subject.
     */
    subject?: pulumi.Input<string | undefined>;
    /**
     * The certificate subject alternative names (SANs).
     */
    subjectAlternativeNames?: pulumi.Input<pulumi.Input<string>[] | undefined>;
}
/**
 * The set of arguments for constructing a Certificate resource.
 */
export interface CertificateArgs {
    /**
     * The ACME account name to use for ordering the certificate.
     */
    account: pulumi.Input<string>;
    /**
     * The list of domains to include in the certificate. At least one domain is required.
     */
    domains: pulumi.Input<pulumi.Input<inputs.acme.CertificateDomain>[]>;
    /**
     * Force certificate renewal even if the certificate is not due for renewal yet. Setting this to true will trigger a new certificate order on every apply.
     */
    force?: pulumi.Input<boolean | undefined>;
    /**
     * The name of the Proxmox VE node for which to order/manage the ACME certificate.
     */
    nodeName: pulumi.Input<string>;
}
//# sourceMappingURL=certificate.d.ts.map