Classes
ActivateCertificateAuthorityRequest
Request message for [CertificateAuthorityService.ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].
CaPool
A [CaPool][google.cloud.security.privateca.v1.CaPool] represents a group of [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority] that form a trust anchor. A [CaPool][google.cloud.security.privateca.v1.CaPool] can be used to manage issuance policies for one or more [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] resources and to rotate CA certificates in and out of the trust anchor.
CaPool.Types
Container for nested types declared in the CaPool message type.
CaPool.Types.IssuancePolicy
Defines controls over all certificate issuance within a [CaPool][google.cloud.security.privateca.v1.CaPool].
CaPool.Types.IssuancePolicy.Types
Container for nested types declared in the IssuancePolicy message type.
CaPool.Types.IssuancePolicy.Types.AllowedKeyType
Describes a "type" of key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool]. Note that a single [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType] may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.
CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types
Container for nested types declared in the AllowedKeyType message type.
CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.EcKeyType
Describes an Elliptic Curve key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].
CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.EcKeyType.Types
Container for nested types declared in the EcKeyType message type.
CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.RsaKeyType
Describes an RSA key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].
CaPool.Types.IssuancePolicy.Types.IssuanceModes
[IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes] specifies the allowed ways in which [Certificates][google.cloud.security.privateca.v1.Certificate] may be requested from this [CaPool][google.cloud.security.privateca.v1.CaPool].
CaPool.Types.PublishingOptions
Options relating to the publication of each [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate and CRLs and their inclusion as extensions in issued [Certificates][google.cloud.security.privateca.v1.Certificate]. The options set here apply to certificates issued by any [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the [CaPool][google.cloud.security.privateca.v1.CaPool].
CaPool.Types.PublishingOptions.Types
Container for nested types declared in the PublishingOptions message type.
CaPoolName
Resource name for the CaPool resource.
Certificate
A [Certificate][google.cloud.security.privateca.v1.Certificate] corresponds to a signed X.509 certificate issued by a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
Certificate.Types
Container for nested types declared in the Certificate message type.
Certificate.Types.RevocationDetails
Describes fields that are relavent to the revocation of a [Certificate][google.cloud.security.privateca.v1.Certificate].
CertificateAuthority
A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] represents an individual Certificate Authority. A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] can be used to create [Certificates][google.cloud.security.privateca.v1.Certificate].
CertificateAuthority.Types
Container for nested types declared in the CertificateAuthority message type.
CertificateAuthority.Types.AccessUrls
URLs where a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will publish content.
CertificateAuthority.Types.KeyVersionSpec
A Cloud KMS key configuration that a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will use.
CertificateAuthorityName
Resource name for the CertificateAuthority resource.
CertificateAuthorityService
[Certificate Authority Service][google.cloud.security.privateca.v1.CertificateAuthorityService] manages private certificate authorities and issued certificates.
CertificateAuthorityService.CertificateAuthorityServiceBase
Base class for server-side implementations of CertificateAuthorityService
CertificateAuthorityService.CertificateAuthorityServiceClient
Client for CertificateAuthorityService
CertificateAuthorityServiceClient
CertificateAuthorityService client wrapper, for convenient use.
CertificateAuthorityServiceClientBuilder
Builder class for CertificateAuthorityServiceClient to provide simple configuration of credentials, endpoint etc.
CertificateAuthorityServiceClientImpl
CertificateAuthorityService client wrapper implementation, for convenient use.
CertificateAuthorityServiceSettings
Settings for CertificateAuthorityServiceClient instances.
CertificateConfig
A [CertificateConfig][google.cloud.security.privateca.v1.CertificateConfig] describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.
CertificateConfig.Types
Container for nested types declared in the CertificateConfig message type.
CertificateConfig.Types.KeyId
A KeyId identifies a specific public key, usually by hashing the public key.
CertificateConfig.Types.SubjectConfig
These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.
CertificateDescription
A [CertificateDescription][google.cloud.security.privateca.v1.CertificateDescription] describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
CertificateDescription.Types
Container for nested types declared in the CertificateDescription message type.
CertificateDescription.Types.CertificateFingerprint
A group of fingerprints for the x509 certificate.
CertificateDescription.Types.KeyId
A KeyId identifies a specific public key, usually by hashing the public key.
CertificateDescription.Types.SubjectDescription
These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.
CertificateExtensionConstraints
Describes a set of X.509 extensions that may be part of some certificate issuance controls.
CertificateExtensionConstraints.Types
Container for nested types declared in the CertificateExtensionConstraints message type.
CertificateIdentityConstraints
Describes constraints on a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames].
CertificateName
Resource name for the Certificate resource.
CertificateRevocationList
A [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.
CertificateRevocationList.Types
Container for nested types declared in the CertificateRevocationList message type.
CertificateRevocationList.Types.RevokedCertificate
Describes a revoked [Certificate][google.cloud.security.privateca.v1.Certificate].
CertificateRevocationListName
Resource name for the CertificateRevocationList resource.
CertificateTemplate
A [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] refers to a managed template for certificate issuance.
CertificateTemplateName
Resource name for the CertificateTemplate resource.
CreateCaPoolRequest
Request message for [CertificateAuthorityService.CreateCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCaPool].
CreateCertificateAuthorityRequest
Request message for [CertificateAuthorityService.CreateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateAuthority].
CreateCertificateRequest
Request message for [CertificateAuthorityService.CreateCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificate].
CreateCertificateTemplateRequest
Request message for [CertificateAuthorityService.CreateCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateTemplate].
DeleteCaPoolRequest
Request message for [CertificateAuthorityService.DeleteCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCaPool].
DeleteCertificateAuthorityRequest
Request message for [CertificateAuthorityService.DeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateAuthority].
DeleteCertificateTemplateRequest
Request message for [CertificateAuthorityService.DeleteCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateTemplate].
DisableCertificateAuthorityRequest
Request message for [CertificateAuthorityService.DisableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DisableCertificateAuthority].
EnableCertificateAuthorityRequest
Request message for [CertificateAuthorityService.EnableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.EnableCertificateAuthority].
FetchCaCertsRequest
Request message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].
FetchCaCertsResponse
Response message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].
FetchCaCertsResponse.Types
Container for nested types declared in the FetchCaCertsResponse message type.
FetchCaCertsResponse.Types.CertChain
FetchCertificateAuthorityCsrRequest
Request message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].
FetchCertificateAuthorityCsrResponse
Response message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].
GetCaPoolRequest
Request message for [CertificateAuthorityService.GetCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCaPool].
GetCertificateAuthorityRequest
Request message for [CertificateAuthorityService.GetCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateAuthority].
GetCertificateRequest
Request message for [CertificateAuthorityService.GetCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificate].
GetCertificateRevocationListRequest
Request message for [CertificateAuthorityService.GetCertificateRevocationList][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateRevocationList].
GetCertificateTemplateRequest
Request message for [CertificateAuthorityService.GetCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateTemplate].
KeyUsage
A [KeyUsage][google.cloud.security.privateca.v1.KeyUsage] describes key usage values that may appear in an X.509 certificate.
KeyUsage.Types
Container for nested types declared in the KeyUsage message type.
KeyUsage.Types.ExtendedKeyUsageOptions
[KeyUsage.ExtendedKeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions] has fields that correspond to certain common OIDs that could be specified as an extended key usage value.
KeyUsage.Types.KeyUsageOptions
[KeyUsage.KeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions] corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.
ListCaPoolsRequest
Request message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].
ListCaPoolsResponse
Response message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].
ListCertificateAuthoritiesRequest
Request message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].
ListCertificateAuthoritiesResponse
Response message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].
ListCertificateRevocationListsRequest
Request message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].
ListCertificateRevocationListsResponse
Response message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].
ListCertificateTemplatesRequest
Request message for [CertificateAuthorityService.ListCertificateTemplates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateTemplates].
ListCertificateTemplatesResponse
Response message for [CertificateAuthorityService.ListCertificateTemplates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateTemplates].
ListCertificatesRequest
Request message for [CertificateAuthorityService.ListCertificates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificates].
ListCertificatesResponse
Response message for [CertificateAuthorityService.ListCertificates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificates].
ObjectId
An [ObjectId][google.cloud.security.privateca.v1.ObjectId] specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.
OperationMetadata
Represents the metadata of the long-running operation.
PublicKey
A [PublicKey][google.cloud.security.privateca.v1.PublicKey] describes a public key.
PublicKey.Types
Container for nested types declared in the PublicKey message type.
RevokeCertificateRequest
Request message for [CertificateAuthorityService.RevokeCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.RevokeCertificate].
Subject
[Subject][google.cloud.security.privateca.v1.Subject] describes parts of a distinguished name that, in turn, describes the subject of the certificate.
SubjectAltNames
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).
SubordinateConfig
Describes a subordinate CA's issuers. This is either a resource name to a known issuing [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], or a PEM issuer certificate chain.
SubordinateConfig.Types
Container for nested types declared in the SubordinateConfig message type.
SubordinateConfig.Types.SubordinateConfigChain
This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.
UndeleteCertificateAuthorityRequest
Request message for [CertificateAuthorityService.UndeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UndeleteCertificateAuthority].
UpdateCaPoolRequest
Request message for [CertificateAuthorityService.UpdateCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCaPool].
UpdateCertificateAuthorityRequest
Request message for [CertificateAuthorityService.UpdateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateAuthority].
UpdateCertificateRequest
Request message for [CertificateAuthorityService.UpdateCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificate].
UpdateCertificateRevocationListRequest
Request message for [CertificateAuthorityService.UpdateCertificateRevocationList][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateRevocationList].
UpdateCertificateTemplateRequest
Request message for [CertificateAuthorityService.UpdateCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateTemplate].
X509Extension
An [X509Extension][google.cloud.security.privateca.v1.X509Extension] specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
X509Parameters
An [X509Parameters][google.cloud.security.privateca.v1.X509Parameters] is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.
X509Parameters.Types
Container for nested types declared in the X509Parameters message type.
X509Parameters.Types.CaOptions
Describes values that are relevant in a CA certificate.
X509Parameters.Types.NameConstraints
Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10
Enums
CaPool.Types.IssuancePolicy.Types.AllowedKeyType.KeyTypeOneofCase
Enum of possible cases for the "key_type" oneof.
CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.EcKeyType.Types.EcSignatureAlgorithm
Describes an elliptic curve-based signature algorithm that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].
CaPool.Types.PublishingOptions.Types.EncodingFormat
Supported encoding formats for publishing.
CaPool.Types.Tier
The tier of a [CaPool][google.cloud.security.privateca.v1.CaPool], indicating its supported functionality and/or billing SKU.
CaPoolName.ResourceNameType
The possible contents of CaPoolName.
Certificate.CertificateConfigOneofCase
Enum of possible cases for the "certificate_config" oneof.
CertificateAuthority.Types.KeyVersionSpec.KeyVersionOneofCase
Enum of possible cases for the "KeyVersion" oneof.
CertificateAuthority.Types.SignHashAlgorithm
The algorithm of a Cloud KMS CryptoKeyVersion of a
[CryptoKey][google.cloud.kms.v1.CryptoKey] with the
[CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value
ASYMMETRIC_SIGN. These values correspond to the
[CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm]
values. For RSA signing algorithms, the PSS algorithms should be preferred,
use PKCS1 algorithms if required for compatibility. For further
recommendations, see
https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.
CertificateAuthority.Types.State
The state of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating if it can be used.
CertificateAuthority.Types.Type
The type of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating its issuing chain.
CertificateAuthorityName.ResourceNameType
The possible contents of CertificateAuthorityName.
CertificateExtensionConstraints.Types.KnownCertificateExtension
Describes well-known X.509 extensions that can appear in a [Certificate][google.cloud.security.privateca.v1.Certificate], not including the [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] extension.
CertificateName.ResourceNameType
The possible contents of CertificateName.
CertificateRevocationList.Types.State
The state of a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList], indicating if it is current.
CertificateRevocationListName.ResourceNameType
The possible contents of CertificateRevocationListName.
CertificateTemplateName.ResourceNameType
The possible contents of CertificateTemplateName.
PublicKey.Types.KeyFormat
Types of public keys formats that are supported. Currently, only PEM
format is supported.
RevocationReason
A [RevocationReason][google.cloud.security.privateca.v1.RevocationReason] indicates whether a [Certificate][google.cloud.security.privateca.v1.Certificate] has been revoked, and the reason for revocation. These correspond to standard revocation reasons from RFC 5280. Note that the enum labels and values in this definition are not the same ASN.1 values defined in RFC 5280. These values will be translated to the correct ASN.1 values when a CRL is created.
SubjectRequestMode
Describes the way in which a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and/or [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] will be resolved.
SubordinateConfig.SubordinateConfigOneofCase
Enum of possible cases for the "subordinate_config" oneof.