REST Resource: sslCertificates

Resource: SslCertificate

Represents an SSL certificate resource.

Google Compute Engine has two SSL certificate resources:

The global SSL certificates (sslCertificates) are used by:

  • Global external Application Load Balancers
  • Classic Application Load Balancers
  • Proxy Network Load Balancers (with target SSL proxies)

The regional SSL certificates (regionSslCertificates) are used by:

  • Regional external Application Load Balancers
  • Regional internal Application Load Balancers

Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.

JSON representation
{
  "kind": string,
  "id": string,
  "creationTimestamp": string,
  "name": string,
  "description": string,
  "selfLink": string,
  "certificate": string,
  "privateKey": string,
  "managed": {
    "domains": [
      string
    ],
    "status": enum,
    "domainStatus": {
      string: enum,
      ...
    }
  },
  "selfManaged": {
    "certificate": string,
    "privateKey": string
  },
  "type": enum,
  "subjectAlternativeNames": [
    string
  ],
  "expireTime": string,
  "region": string
}
Fields
kind

string

[Output Only] Type of the resource. Always compute#sslCertificate for SSL certificates.

id

string (uint64 format)

[Output Only] The unique identifier for the resource. This identifier is defined by the server.

creationTimestamp

string

[Output Only] Creation timestamp in RFC3339 text format.

name

string

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

description

string

An optional description of this resource. Provide this property when you create the resource.

certificate

string

A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.

privateKey

string

A value read into memory from a write-only private key file. The private key file must be in PEM format. For security, only insert requests include this field.

managed

object

Configuration and status of a managed SSL certificate.

managed.domains[]

string

The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the maximum number of domains per Google-managed SSL certificate.

managed.status

enum

[Output only] Status of the managed certificate resource.

managed.domainStatus

map (key: string, value: enum)

[Output only] Detailed statuses of the domains specified for managed certificate resource.

selfManaged

object

Configuration and status of a self-managed SSL certificate.

selfManaged.certificate

string

A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.

selfManaged.privateKey

string

A write-only private key in PEM format. Only insert requests will include this field.

type

enum

(Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields certificate and privateKey are used.

subjectAlternativeNames[]

string

[Output Only] Domains associated with the certificate via Subject Alternative Name.

expireTime

string

[Output Only] Expire time of the certificate. RFC3339

region

string

[Output Only] URL of the region where the regional SSL Certificate resides. This field is not applicable to global SSL Certificate.

Methods

aggregatedList

Retrieves the list of all SslCertificate resources, regional and global, available to the specified project.

delete

Deletes the specified SslCertificate resource.

get

Returns the specified SslCertificate resource.

insert

Creates a SslCertificate resource in the specified project using the data included in the request.

list

Retrieves the list of SslCertificate resources available to the specified project.

testIamPermissions

Returns permissions that a caller has on the specified resource.