List certificate authorities
This page explains how you can list the certificate authorities (CAs) in a Google Cloud project.
List root CAs
This section shows how to view the root CAs.
List root CAs across CA pools
To list all the root CAs across CA pools, do the following:
Console
In the Google Cloud console, go to the Certificate Authority Service page.
Click the CA manager tab to go to the Certificate authorities page.
In the
Filter field, select Type in the list.Set the value of Type as Root.
All CAs with Type set as Root are listed.
gcloud
Run the following command:
gcloud privateca roots list --location LOCATION
Replace LOCATION with the location of the root CAs. For the complete list of locations, see Locations.
List root CAs in a particular CA pool
To list all the root CAs in a particular CA pool, use the following instructions:
Console
Go to the Certificate Authority Service page.
Click the CA manager tab to go to the Certificate authorities page.
In the
Filter field, select Type in the list.Set the value of Type as Root.
In the Filter field, select Pool in the list.
Click the name of the CA pool in the list.
gcloud
Run the following command:
gcloud privateca roots list --location LOCATION --pool POOL_ID
Replace the following:
- LOCATION: The location of the CA pool. For the complete list of locations, see Locations.
- POOL_ID: The name of the CA pool.
To list root CAs across all CA pools and locations, omit the --pool
and
--location
flags from the command.
For more information about the gcloud privateca roots list
command, see
gcloud privateca roots list.
List subordinate CAs
This section shows how to view the subordinate CAs.
List subordinate CAs across CA pools
To list all the subordinate CAs across CA pools, do the following:
Console
Go to the Certificate Authority Service page.
Click the CA manager tab to go to the Certificate authorities page.
In the
Filter field, select Type in the list.Set the value of Type as Subordinate.
All CAs with Type set as Subordinate are listed.
gcloud
Run the following command:
gcloud privateca subordinates list --location LOCATION
Replace LOCATION with the location of the subordinate CAs. For the complete list of locations, see Locations.
List subordinate CAs in a particular CA pool
To list all the subordinate CAs in a particular CA pool, do the following:
Console
Go to the Certificate Authority Service page.
Click the CA manager tab to go to the Certificate authorities page.
In the
Filter field, select Type in the list.Set the value of Type as Subordinate.
In the
Filter field, select Pool in the list.Click the name of the CA pool in the list.
gcloud
Run the following command:
gcloud privateca subordinates list --location LOCATION --pool POOL_ID
Replace the following:
- LOCATION: The location of the CA pool. For the complete list of locations, see Locations.
- POOL_ID: The name of the CA pool.
For more information about the gcloud privateca subordinates list
command, see gcloud privateca subordinates list.
List all CAs
To list all the CAs in a CA pool, use the following instructions:
Console
Go to the Certificate Authority Service page.
Click the CA manager tab to go to the Certificate authorities page.
In the
Filter field, select Pool in the list.Click the name of the CA pool in the list.
Alternatively, you can view the CAs in a particular CA pool from the CA pool manager page by doing the following:
- Click the CA pool manager tab.
- On the CA pools page, click the name of the CA pool whose CAs you want to view.
On the CA pool details page, you can see the CAs listed under Certificate authorities in pool. You can filter the CAs based on type, tier, location, state, and more.
Go
To authenticate to CA Service, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.
Java
To authenticate to CA Service, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.
Python
To authenticate to CA Service, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.
What's next
- Learn how to delete CAs.