import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
 * The ``AWS::ACMPCA::Certificate`` resource is used to issue a certificate using your private certificate authority. For more information, see the [IssueCertificate](https://docs.aws.amazon.com/privateca/latest/APIReference/API_IssueCertificate.html) action.
 */
export declare class Certificate extends pulumi.CustomResource {
    /**
     * Get an existing Certificate resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): Certificate;
    /**
     * Returns true if the given object is an instance of Certificate.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is Certificate;
    /**
     * Specifies X.509 certificate information to be included in the issued certificate. An ``APIPassthrough`` or ``APICSRPassthrough`` template variant must be selected, or else this parameter is ignored.
     */
    readonly apiPassthrough: pulumi.Output<outputs.acmpca.CertificateApiPassthrough | undefined>;
    /**
     * The Amazon Resource Name (ARN) of the issued certificate.
     */
    readonly arn: pulumi.Output<string>;
    /**
     * The issued Base64 PEM-encoded certificate.
     */
    readonly certificate: pulumi.Output<string>;
    /**
     * The Amazon Resource Name (ARN) for the private CA issues the certificate.
     */
    readonly certificateAuthorityArn: pulumi.Output<string>;
    /**
     * The certificate signing request (CSR) for the certificate.
     */
    readonly certificateSigningRequest: pulumi.Output<string>;
    /**
     * The name of the algorithm that will be used to sign the certificate to be issued.
     *  This parameter should not be confused with the ``SigningAlgorithm`` parameter used to sign a CSR in the ``CreateCertificateAuthority`` action.
     *   The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
     */
    readonly signingAlgorithm: pulumi.Output<string>;
    /**
     * Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, PCAshort defaults to the ``EndEntityCertificate/V1`` template. For more information about PCAshort templates, see [Using Templates](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html).
     */
    readonly templateArn: pulumi.Output<string | undefined>;
    /**
     * The period of time during which the certificate will be valid.
     */
    readonly validity: pulumi.Output<outputs.acmpca.CertificateValidity>;
    /**
     * Information describing the start of the validity period of the certificate. This parameter sets the "Not Before" date for the certificate.
     *  By default, when issuing a certificate, PCAshort sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ``ValidityNotBefore`` parameter can be used to customize the "Not Before" value.
     *  Unlike the ``Validity`` parameter, the ``ValidityNotBefore`` parameter is optional.
     *  The ``ValidityNotBefore`` value is expressed as an explicit date and time, using the ``Validity`` type value ``ABSOLUTE``.
     */
    readonly validityNotBefore: pulumi.Output<outputs.acmpca.CertificateValidity | undefined>;
    /**
     * Create a Certificate resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: CertificateArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * The set of arguments for constructing a Certificate resource.
 */
export interface CertificateArgs {
    /**
     * Specifies X.509 certificate information to be included in the issued certificate. An ``APIPassthrough`` or ``APICSRPassthrough`` template variant must be selected, or else this parameter is ignored.
     */
    apiPassthrough?: pulumi.Input<inputs.acmpca.CertificateApiPassthroughArgs>;
    /**
     * The Amazon Resource Name (ARN) for the private CA issues the certificate.
     */
    certificateAuthorityArn: pulumi.Input<string>;
    /**
     * The certificate signing request (CSR) for the certificate.
     */
    certificateSigningRequest: pulumi.Input<string>;
    /**
     * The name of the algorithm that will be used to sign the certificate to be issued.
     *  This parameter should not be confused with the ``SigningAlgorithm`` parameter used to sign a CSR in the ``CreateCertificateAuthority`` action.
     *   The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
     */
    signingAlgorithm: pulumi.Input<string>;
    /**
     * Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, PCAshort defaults to the ``EndEntityCertificate/V1`` template. For more information about PCAshort templates, see [Using Templates](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html).
     */
    templateArn?: pulumi.Input<string>;
    /**
     * The period of time during which the certificate will be valid.
     */
    validity: pulumi.Input<inputs.acmpca.CertificateValidityArgs>;
    /**
     * Information describing the start of the validity period of the certificate. This parameter sets the "Not Before" date for the certificate.
     *  By default, when issuing a certificate, PCAshort sets the "Not Before" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ``ValidityNotBefore`` parameter can be used to customize the "Not Before" value.
     *  Unlike the ``Validity`` parameter, the ``ValidityNotBefore`` parameter is optional.
     *  The ``ValidityNotBefore`` value is expressed as an explicit date and time, using the ``Validity`` type value ``ABSOLUTE``.
     */
    validityNotBefore?: pulumi.Input<inputs.acmpca.CertificateValidityArgs>;
}
