Resource: AuthorizedCertificate
An SSL certificate that a user has been authorized to administer. A user is authorized to administer any certificate that applies to one of their authorized domains.
| JSON representation |
|---|
{ "name": string, "id": string, "displayName": string, "domainNames": [ string ], "expireTime": string, "certificateRawData": { object ( |
| Fields | |
|---|---|
name |
Full path to the Note: This field is used in responses only. Any value specified here in a request is ignored. |
id |
Relative name of the certificate. This is a unique value autogenerated on Note: This field is used in responses only. Any value specified here in a request is ignored. |
displayName |
The user-specified display name of the certificate. This is not guaranteed to be unique. Example: |
domainNames[] |
Topmost applicable domains of this certificate. This certificate applies to these domains and their subdomains. Example: Note: This field is used in responses only. Any value specified here in a request is ignored. |
expireTime |
The time when this certificate expires. To update the renewal time on this certificate, upload an SSL certificate with a different expiration time using A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: Note: This field is used in responses only. Any value specified here in a request is ignored. |
certificateRawData |
The SSL certificate serving the |
managedCertificate |
Only applicable if this certificate is managed by App Engine. Managed certificates are tied to the lifecycle of a Note: This field is used in responses only. Any value specified here in a request is ignored. |
visibleDomainMappings[] |
The full paths to user visible Domain Mapping resources that have this certificate mapped. Example: This may not represent the full list of mapped domain mappings if the user does not have Only returned by Note: This field is used in responses only. Any value specified here in a request is ignored. |
domainMappingsCount |
Aggregate count of the domain mappings with this certificate mapped. This count includes domain mappings on applications for which the user does not have Only returned by Note: This field is used in responses only. Any value specified here in a request is ignored. |
CertificateRawData
An SSL certificate obtained from a certificate authority.
| JSON representation |
|---|
{ "publicCertificate": string, "privateKey": string } |
| Fields | |
|---|---|
publicCertificate |
PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example: -----BEGIN CERTIFICATE----- |
privateKey |
Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example: -----BEGIN RSA PRIVATE KEY----- @InputOnly |
ManagedCertificate
A certificate managed by App Engine.
| JSON representation |
|---|
{
"lastRenewalTime": string,
"status": enum ( |
| Fields | |
|---|---|
lastRenewalTime |
Time at which the certificate was last renewed. The renewal process is fully managed. Certificate renewal will automatically occur before the certificate expires. Renewal errors can be tracked via A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: Note: This field is used in responses only. Any value specified here in a request is ignored. |
status |
Status of certificate management. Refers to the most recent certificate acquisition or renewal attempt. Note: This field is used in responses only. Any value specified here in a request is ignored. |
ManagementStatus
State of certificate management. Refers to the most recent certificate acquisition or renewal attempt.
| Enums | |
|---|---|
MANAGEMENT_STATUS_UNSPECIFIED |
|
OK |
Certificate was successfully obtained and inserted into the serving system. |
PENDING |
Certificate is under active attempts to acquire or renew. |
FAILED_RETRYING_NOT_VISIBLE |
Most recent renewal failed due to an invalid DNS setup and will be retried. Renewal attempts will continue to fail until the certificate domain's DNS configuration is fixed. The last successfully provisioned certificate may still be serving. |
FAILED_PERMANENT |
All renewal attempts have been exhausted, likely due to an invalid DNS setup. |
FAILED_RETRYING_CAA_FORBIDDEN |
Most recent renewal failed due to an explicit CAA record that does not include one of the in-use CAs (Google CA and Let's Encrypt). Renewals will continue to fail until the CAA is reconfigured. The last successfully provisioned certificate may still be serving. |
FAILED_RETRYING_CAA_CHECKING |
Most recent renewal failed due to a CAA retrieval failure. This means that the domain's DNS provider does not properly handle CAA records, failing requests for CAA records when no CAA records are defined. Renewals will continue to fail until the DNS provider is changed or a CAA record is added for the given domain. The last successfully provisioned certificate may still be serving. |
Methods |
|
|---|---|
|
Uploads the specified SSL certificate. |
|
Deletes the specified SSL certificate. |
|
Gets the specified SSL certificate. |
|
Lists all SSL certificates the user is authorized to administer. |
|
Updates the specified SSL certificate. |