caption: TLS certificates that should be trusted by <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> for server authentication with constraints
default: null
desc: |-
A list of TLS certificates that should be trusted by <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> for server authentication, with constraints added outside the certificate. If no constraint of a certain type is present, then any name of that type is allowed.
Certificates should be base64-encoded. At least one constraint must be specified for each certificate.
example_value:
- certificate: "MIICCTCCAY6gAwIBAgINAgPluILrIPglJ209ZjAKBggqhkjOPQQDAzBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQfTzOHMymKoYTey8chWEGJ6ladK0uFxh1MJ7x/JlFyb+Kf1qPKzEUURout736GjOyxfi//qXGdGIRFBEFVbivqJn+7kAHjSxm65FSWRQmx1WyRRK2EE46ajA2ADDL24CejQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTB8Sa6oC2uhYHP0/EqEr24Cmf9vDAKBggqhkjOPQQDAwNpADBmAjEA9uEglRR7VKOQFhG/hMjqb2sXnh5GmCCbn9MN2azTL818+FsuVbu/3ZL3pAzcMeGiAjEA/JdmZuVDFhOD3cffL74UOO0BzrEXGhF16b0DjyZ+hOXJYKaV11RZt+cRLInUue4X"
constraints:
permitted_dns_names:
- "example.org"
permitted_cidrs:
- "10.1.1.0/24"
features:
dynamic_refresh: true
per_profile: true
owners:
- [email protected]
- [email protected]
- [email protected]
- [email protected]
- [email protected]
schema:
type: array
items:
type: object
properties:
certificate:
type: string
constraints:
type: object
properties:
permitted_dns_names:
type: array
items:
type: string
permitted_cidrs:
type: array
items:
type: string
future_on:
- chrome.linux
- chrome.mac
- chrome.win
- android
- chrome_os
tags: []
type: dict