CertificateConfig

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

JSON representation
{
  "subjectConfig": {
    object (SubjectConfig)
  },
  "x509Config": {
    object (X509Parameters)
  },
  "publicKey": {
    object (PublicKey)
  },
  "subjectKeyId": {
    object (KeyId)
  }
}
Fields
subjectConfig

object (SubjectConfig)

Required. Specifies some of the values in a certificate that are related to the subject.

x509Config

object (X509Parameters)

Required. Describes how some of the technical X.509 fields in a certificate should be populated.

publicKey

object (PublicKey)

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

subjectKeyId

object (KeyId)

Optional. When specified this provides a custom SKI to be used in the certificate. This should only be used to maintain a SKI of an existing CA originally created outside CA service, which was not generated using method (1) described in RFC 5280 section 4.2.1.2.

SubjectConfig

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

JSON representation
{
  "subject": {
    object (Subject)
  },
  "subjectAltName": {
    object (SubjectAltNames)
  }
}
Fields
subject

object (Subject)

Optional. Contains distinguished name fields such as the common name, location and organization.

subjectAltName

object (SubjectAltNames)

Optional. The subject alternative name fields.

KeyId

A KeyId identifies a specific public key, usually by hashing the public key.

JSON representation
{
  "keyId": string
}
Fields
keyId

string

Required. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.