Certificate Authority v1 API - Namespace Google.Cloud.Security.PrivateCA.V1 (3.9.0)

Classes

ActivateCertificateAuthorityRequest

Request message for [CertificateAuthorityService.ActivateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.ActivateCertificateAuthority].

CaPool

A [CaPool][google.cloud.security.privateca.v1.CaPool] represents a group of [CertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthority] that form a trust anchor. A [CaPool][google.cloud.security.privateca.v1.CaPool] can be used to manage issuance policies for one or more [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] resources and to rotate CA certificates in and out of the trust anchor.

CaPool.Types

Container for nested types declared in the CaPool message type.

CaPool.Types.IssuancePolicy

Defines controls over all certificate issuance within a [CaPool][google.cloud.security.privateca.v1.CaPool].

CaPool.Types.IssuancePolicy.Types

Container for nested types declared in the IssuancePolicy message type.

CaPool.Types.IssuancePolicy.Types.AllowedKeyType

Describes a "type" of key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool]. Note that a single [AllowedKeyType][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.AllowedKeyType] may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types

Container for nested types declared in the AllowedKeyType message type.

CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.EcKeyType

Describes an Elliptic Curve key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].

CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.EcKeyType.Types

Container for nested types declared in the EcKeyType message type.

CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.RsaKeyType

Describes an RSA key that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].

CaPool.Types.IssuancePolicy.Types.IssuanceModes

[IssuanceModes][google.cloud.security.privateca.v1.CaPool.IssuancePolicy.IssuanceModes] specifies the allowed ways in which [Certificates][google.cloud.security.privateca.v1.Certificate] may be requested from this [CaPool][google.cloud.security.privateca.v1.CaPool].

CaPool.Types.PublishingOptions

Options relating to the publication of each [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate and CRLs and their inclusion as extensions in issued [Certificates][google.cloud.security.privateca.v1.Certificate]. The options set here apply to certificates issued by any [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] in the [CaPool][google.cloud.security.privateca.v1.CaPool].

CaPool.Types.PublishingOptions.Types

Container for nested types declared in the PublishingOptions message type.

CaPoolName

Resource name for the CaPool resource.

Certificate

A [Certificate][google.cloud.security.privateca.v1.Certificate] corresponds to a signed X.509 certificate issued by a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].

Certificate.Types

Container for nested types declared in the Certificate message type.

Certificate.Types.RevocationDetails

Describes fields that are relavent to the revocation of a [Certificate][google.cloud.security.privateca.v1.Certificate].

CertificateAuthority

A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] represents an individual Certificate Authority. A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] can be used to create [Certificates][google.cloud.security.privateca.v1.Certificate].

CertificateAuthority.Types

Container for nested types declared in the CertificateAuthority message type.

CertificateAuthority.Types.AccessUrls

URLs where a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will publish content.

CertificateAuthority.Types.KeyVersionSpec

A Cloud KMS key configuration that a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will use.

CertificateAuthorityName

Resource name for the CertificateAuthority resource.

CertificateAuthorityService

[Certificate Authority Service][google.cloud.security.privateca.v1.CertificateAuthorityService] manages private certificate authorities and issued certificates.

CertificateAuthorityService.CertificateAuthorityServiceBase

Base class for server-side implementations of CertificateAuthorityService

CertificateAuthorityService.CertificateAuthorityServiceClient

Client for CertificateAuthorityService

CertificateAuthorityServiceClient

CertificateAuthorityService client wrapper, for convenient use.

CertificateAuthorityServiceClientBuilder

Builder class for CertificateAuthorityServiceClient to provide simple configuration of credentials, endpoint etc.

CertificateAuthorityServiceClientImpl

CertificateAuthorityService client wrapper implementation, for convenient use.

CertificateAuthorityServiceSettings

Settings for CertificateAuthorityServiceClient instances.

CertificateConfig

A [CertificateConfig][google.cloud.security.privateca.v1.CertificateConfig] describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

CertificateConfig.Types

Container for nested types declared in the CertificateConfig message type.

CertificateConfig.Types.KeyId

A KeyId identifies a specific public key, usually by hashing the public key.

CertificateConfig.Types.SubjectConfig

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

CertificateDescription

A [CertificateDescription][google.cloud.security.privateca.v1.CertificateDescription] describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

CertificateDescription.Types

Container for nested types declared in the CertificateDescription message type.

CertificateDescription.Types.CertificateFingerprint

A group of fingerprints for the x509 certificate.

CertificateDescription.Types.KeyId

A KeyId identifies a specific public key, usually by hashing the public key.

CertificateDescription.Types.SubjectDescription

These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.

CertificateExtensionConstraints

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

CertificateExtensionConstraints.Types

Container for nested types declared in the CertificateExtensionConstraints message type.

CertificateIdentityConstraints

Describes constraints on a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames].

CertificateName

Resource name for the Certificate resource.

CertificateRevocationList

A [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList] corresponds to a signed X.509 certificate Revocation List (CRL). A CRL contains the serial numbers of certificates that should no longer be trusted.

CertificateRevocationList.Types

Container for nested types declared in the CertificateRevocationList message type.

CertificateRevocationList.Types.RevokedCertificate

Describes a revoked [Certificate][google.cloud.security.privateca.v1.Certificate].

CertificateRevocationListName

Resource name for the CertificateRevocationList resource.

CertificateTemplate

A [CertificateTemplate][google.cloud.security.privateca.v1.CertificateTemplate] refers to a managed template for certificate issuance.

CertificateTemplateName

Resource name for the CertificateTemplate resource.

CreateCaPoolRequest

Request message for [CertificateAuthorityService.CreateCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCaPool].

CreateCertificateAuthorityRequest

Request message for [CertificateAuthorityService.CreateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateAuthority].

CreateCertificateRequest

Request message for [CertificateAuthorityService.CreateCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificate].

CreateCertificateTemplateRequest

Request message for [CertificateAuthorityService.CreateCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.CreateCertificateTemplate].

DeleteCaPoolRequest

Request message for [CertificateAuthorityService.DeleteCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCaPool].

DeleteCertificateAuthorityRequest

Request message for [CertificateAuthorityService.DeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateAuthority].

DeleteCertificateTemplateRequest

Request message for [CertificateAuthorityService.DeleteCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.DeleteCertificateTemplate].

DisableCertificateAuthorityRequest

Request message for [CertificateAuthorityService.DisableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.DisableCertificateAuthority].

EnableCertificateAuthorityRequest

Request message for [CertificateAuthorityService.EnableCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.EnableCertificateAuthority].

FetchCaCertsRequest

Request message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].

FetchCaCertsResponse

Response message for [CertificateAuthorityService.FetchCaCerts][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCaCerts].

FetchCaCertsResponse.Types

Container for nested types declared in the FetchCaCertsResponse message type.

FetchCaCertsResponse.Types.CertChain

FetchCertificateAuthorityCsrRequest

Request message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].

FetchCertificateAuthorityCsrResponse

Response message for [CertificateAuthorityService.FetchCertificateAuthorityCsr][google.cloud.security.privateca.v1.CertificateAuthorityService.FetchCertificateAuthorityCsr].

GetCaPoolRequest

Request message for [CertificateAuthorityService.GetCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCaPool].

GetCertificateAuthorityRequest

Request message for [CertificateAuthorityService.GetCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateAuthority].

GetCertificateRequest

Request message for [CertificateAuthorityService.GetCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificate].

GetCertificateRevocationListRequest

Request message for [CertificateAuthorityService.GetCertificateRevocationList][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateRevocationList].

GetCertificateTemplateRequest

Request message for [CertificateAuthorityService.GetCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.GetCertificateTemplate].

KeyUsage

A [KeyUsage][google.cloud.security.privateca.v1.KeyUsage] describes key usage values that may appear in an X.509 certificate.

KeyUsage.Types

Container for nested types declared in the KeyUsage message type.

KeyUsage.Types.ExtendedKeyUsageOptions

[KeyUsage.ExtendedKeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.ExtendedKeyUsageOptions] has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

KeyUsage.Types.KeyUsageOptions

[KeyUsage.KeyUsageOptions][google.cloud.security.privateca.v1.KeyUsage.KeyUsageOptions] corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

ListCaPoolsRequest

Request message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].

ListCaPoolsResponse

Response message for [CertificateAuthorityService.ListCaPools][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCaPools].

ListCertificateAuthoritiesRequest

Request message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].

ListCertificateAuthoritiesResponse

Response message for [CertificateAuthorityService.ListCertificateAuthorities][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateAuthorities].

ListCertificateRevocationListsRequest

Request message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].

ListCertificateRevocationListsResponse

Response message for [CertificateAuthorityService.ListCertificateRevocationLists][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateRevocationLists].

ListCertificateTemplatesRequest

Request message for [CertificateAuthorityService.ListCertificateTemplates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateTemplates].

ListCertificateTemplatesResponse

Response message for [CertificateAuthorityService.ListCertificateTemplates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificateTemplates].

ListCertificatesRequest

Request message for [CertificateAuthorityService.ListCertificates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificates].

ListCertificatesResponse

Response message for [CertificateAuthorityService.ListCertificates][google.cloud.security.privateca.v1.CertificateAuthorityService.ListCertificates].

ObjectId

An [ObjectId][google.cloud.security.privateca.v1.ObjectId] specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

OperationMetadata

Represents the metadata of the long-running operation.

PublicKey

A [PublicKey][google.cloud.security.privateca.v1.PublicKey] describes a public key.

PublicKey.Types

Container for nested types declared in the PublicKey message type.

RevokeCertificateRequest

Request message for [CertificateAuthorityService.RevokeCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.RevokeCertificate].

Subject

[Subject][google.cloud.security.privateca.v1.Subject] describes parts of a distinguished name that, in turn, describes the subject of the certificate.

SubjectAltNames

[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

SubordinateConfig

Describes a subordinate CA's issuers. This is either a resource name to a known issuing [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], or a PEM issuer certificate chain.

SubordinateConfig.Types

Container for nested types declared in the SubordinateConfig message type.

SubordinateConfig.Types.SubordinateConfigChain

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

UndeleteCertificateAuthorityRequest

Request message for [CertificateAuthorityService.UndeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UndeleteCertificateAuthority].

UpdateCaPoolRequest

Request message for [CertificateAuthorityService.UpdateCaPool][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCaPool].

UpdateCertificateAuthorityRequest

Request message for [CertificateAuthorityService.UpdateCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateAuthority].

UpdateCertificateRequest

Request message for [CertificateAuthorityService.UpdateCertificate][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificate].

UpdateCertificateRevocationListRequest

Request message for [CertificateAuthorityService.UpdateCertificateRevocationList][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateRevocationList].

UpdateCertificateTemplateRequest

Request message for [CertificateAuthorityService.UpdateCertificateTemplate][google.cloud.security.privateca.v1.CertificateAuthorityService.UpdateCertificateTemplate].

X509Extension

An [X509Extension][google.cloud.security.privateca.v1.X509Extension] specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

X509Parameters

An [X509Parameters][google.cloud.security.privateca.v1.X509Parameters] is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

X509Parameters.Types

Container for nested types declared in the X509Parameters message type.

X509Parameters.Types.CaOptions

Describes values that are relevant in a CA certificate.

X509Parameters.Types.NameConstraints

Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10

Enums

CaPool.Types.IssuancePolicy.Types.AllowedKeyType.KeyTypeOneofCase

Enum of possible cases for the "key_type" oneof.

CaPool.Types.IssuancePolicy.Types.AllowedKeyType.Types.EcKeyType.Types.EcSignatureAlgorithm

Describes an elliptic curve-based signature algorithm that may be used in a [Certificate][google.cloud.security.privateca.v1.Certificate] issued from a [CaPool][google.cloud.security.privateca.v1.CaPool].

CaPool.Types.PublishingOptions.Types.EncodingFormat

Supported encoding formats for publishing.

CaPool.Types.Tier

The tier of a [CaPool][google.cloud.security.privateca.v1.CaPool], indicating its supported functionality and/or billing SKU.

CaPoolName.ResourceNameType

The possible contents of CaPoolName.

Certificate.CertificateConfigOneofCase

Enum of possible cases for the "certificate_config" oneof.

CertificateAuthority.Types.KeyVersionSpec.KeyVersionOneofCase

Enum of possible cases for the "KeyVersion" oneof.

CertificateAuthority.Types.SignHashAlgorithm

The algorithm of a Cloud KMS CryptoKeyVersion of a [CryptoKey][google.cloud.kms.v1.CryptoKey] with the [CryptoKeyPurpose][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose] value ASYMMETRIC_SIGN. These values correspond to the [CryptoKeyVersionAlgorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] values. For RSA signing algorithms, the PSS algorithms should be preferred, use PKCS1 algorithms if required for compatibility. For further recommendations, see https://cloud.google.com/kms/docs/algorithms#algorithm_recommendations.

CertificateAuthority.Types.State

The state of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating if it can be used.

CertificateAuthority.Types.Type

The type of a [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], indicating its issuing chain.

CertificateAuthorityName.ResourceNameType

The possible contents of CertificateAuthorityName.

CertificateExtensionConstraints.Types.KnownCertificateExtension

Describes well-known X.509 extensions that can appear in a [Certificate][google.cloud.security.privateca.v1.Certificate], not including the [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] extension.

CertificateName.ResourceNameType

The possible contents of CertificateName.

CertificateRevocationList.Types.State

The state of a [CertificateRevocationList][google.cloud.security.privateca.v1.CertificateRevocationList], indicating if it is current.

CertificateRevocationListName.ResourceNameType

The possible contents of CertificateRevocationListName.

CertificateTemplateName.ResourceNameType

The possible contents of CertificateTemplateName.

PublicKey.Types.KeyFormat

Types of public keys formats that are supported. Currently, only PEM format is supported.

RevocationReason

A [RevocationReason][google.cloud.security.privateca.v1.RevocationReason] indicates whether a [Certificate][google.cloud.security.privateca.v1.Certificate] has been revoked, and the reason for revocation. These correspond to standard revocation reasons from RFC 5280. Note that the enum labels and values in this definition are not the same ASN.1 values defined in RFC 5280. These values will be translated to the correct ASN.1 values when a CRL is created.

SubjectRequestMode

Describes the way in which a [Certificate][google.cloud.security.privateca.v1.Certificate]'s [Subject][google.cloud.security.privateca.v1.Subject] and/or [SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] will be resolved.

SubordinateConfig.SubordinateConfigOneofCase

Enum of possible cases for the "subordinate_config" oneof.