Method: sslCertificates.get

HTTP request
Path parameters
Request body
Response body
- JSON representation
Authorization scopes
IAM Permissions
Try it!

Returns the specified SslCertificate resource.

HTTP request

GET https://compute.googleapis.com/compute/v1/projects/{project}/global/sslCertificates/{sslCertificate}

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters

Parameters
`project`	`string` Project ID for this request.
`sslCertificate`	`string` Name of the SslCertificate resource to return.

project

string

Project ID for this request.

sslCertificate

string

Name of the SslCertificate resource to return.

Request body

The request body must be empty.

Response body

Represents an SSL certificate resource.

Google Compute Engine has two SSL certificate resources:

The global SSL certificates (sslCertificates) are used by:

Global external Application Load Balancers
Classic Application Load Balancers
Proxy Network Load Balancers (with target SSL proxies)

The regional SSL certificates (regionSslCertificates) are used by:

Regional external Application Load Balancers
Regional internal Application Load Balancers

Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.

If successful, the response body contains data with the following structure:

JSON representation
{ "kind": string, "id": string, "creationTimestamp": string, "name": string, "description": string, "selfLink": string, "certificate": string, "privateKey": string, "managed": { "domains": [ string ], "status": enum, "domainStatus": { string: enum, ... } }, "selfManaged": { "certificate": string, "privateKey": string }, "type": enum, "subjectAlternativeNames": [ string ], "expireTime": string, "region": string }

JSON representation

{
  "kind": string,
  "id": string,
  "creationTimestamp": string,
  "name": string,
  "description": string,
  "selfLink": string,
  "certificate": string,
  "privateKey": string,
  "managed": {
    "domains": [
      string
    ],
    "status": enum,
    "domainStatus": {
      string: enum,
      ...
    }
  },
  "selfManaged": {
    "certificate": string,
    "privateKey": string
  },
  "type": enum,
  "subjectAlternativeNames": [
    string
  ],
  "expireTime": string,
  "region": string
}

Fields
`kind`	`string` [Output Only] Type of the resource. Always `compute#sslCertificate` for SSL certificates.
`id`	`string (uint64 format)` [Output Only] The unique identifier for the resource. This identifier is defined by the server.
`creationTimestamp`	`string` [Output Only] Creation timestamp in RFC3339 text format.
`name`	`string` Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
`description`	`string` An optional description of this resource. Provide this property when you create the resource.
`selfLink`	`string` [Output only] Server-defined URL for the resource.
`certificate`	`string` A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
`privateKey`	`string` A value read into memory from a write-only private key file. The private key file must be in PEM format. For security, only `insert` requests include this field.
`managed`	`object` Configuration and status of a managed SSL certificate.
`managed.domains[]`	`string` The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the maximum number of domains per Google-managed SSL certificate.
`managed.status`	`enum` [Output only] Status of the managed certificate resource.
`managed.domainStatus`	`map (key: string, value: enum)` [Output only] Detailed statuses of the domains specified for managed certificate resource.
`selfManaged`	`object` Configuration and status of a self-managed SSL certificate.
`selfManaged.certificate`	`string` A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert.
`selfManaged.privateKey`	`string` A write-only private key in PEM format. Only `insert` requests will include this field.
`type`	`enum` (Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields `certificate` and `privateKey` are used.
`subjectAlternativeNames[]`	`string` [Output Only] Domains associated with the certificate via Subject Alternative Name.
`expireTime`	`string` [Output Only] Expire time of the certificate. RFC3339
`region`	`string` [Output Only] URL of the region where the regional SSL Certificate resides. This field is not applicable to global SSL Certificate.

Authorization scopes

Requires one of the following OAuth scopes:

https://www.googleapis.com/auth/compute.readonly
https://www.googleapis.com/auth/compute
https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.

IAM Permissions

In addition to any permissions specified on the fields above, authorization requires one or more of the following IAM permissions:

compute.sslCertificates.get

To find predefined roles that contain those permissions, see Compute Engine IAM Roles.

Method: sslCertificates.get Stay organized with collections Save and categorize content based on your preferences.