Class CertificateConfig (1.12.1)

CertificateConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

Attributes

Name Description
subject_config google.cloud.security.privateca_v1.types.CertificateConfig.SubjectConfig
Required. Specifies some of the values in a certificate that are related to the subject.
x509_config google.cloud.security.privateca_v1.types.X509Parameters
Required. Describes how some of the technical X.509 fields in a certificate should be populated.
public_key google.cloud.security.privateca_v1.types.PublicKey
Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
subject_key_id google.cloud.security.privateca_v1.types.CertificateConfig.KeyId
Optional. When specified this provides a custom SKI to be used in the certificate. This should only be used to maintain a SKI of an existing CA originally created outside CA service, which was not generated using method (1) described in RFC 5280 section 4.2.1.2.

Classes

KeyId

KeyId(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A KeyId identifies a specific public key, usually by hashing the public key.

SubjectConfig

SubjectConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.