Class Certificate

A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Attributes
NameDescription
strname
Output only. The resource name for this Certificate in the format ``projects/*/locations/*/caPools/*/certificates/*``.
strpem_csr
Immutable. A pem-encoded X.509 certificate signing request (CSR). This field is a member of `oneof`_ ``certificate_config``.
google.cloud.security.privateca_v1.types.CertificateConfigconfig
Immutable. A description of the certificate and key that does not require X.509 or ASN.1. This field is a member of `oneof`_ ``certificate_config``.
strissuer_certificate_authority
Output only. The resource name of the issuing CertificateAuthority in the format ``projects/*/locations/*/caPools/*/certificateAuthorities/*``.
google.protobuf.duration_pb2.Durationlifetime
Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
strcertificate_template
Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format ``projects/*/locations/*/certificateTemplates/*``. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
google.cloud.security.privateca_v1.types.SubjectRequestModesubject_mode
Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the ``DEFAULT`` subject mode will be used.
google.cloud.security.privateca_v1.types.Certificate.RevocationDetailsrevocation_details
Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
strpem_certificate
Output only. The pem-encoded, signed X.509 certificate.
google.cloud.security.privateca_v1.types.CertificateDescriptioncertificate_description
Output only. A structured description of the issued X.509 certificate.
Sequence[str]pem_certificate_chain
Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
google.protobuf.timestamp_pb2.Timestampcreate_time
Output only. The time at which this Certificate was created.
google.protobuf.timestamp_pb2.Timestampupdate_time
Output only. The time at which this Certificate was updated.
Sequence[google.cloud.security.privateca_v1.types.Certificate.LabelsEntry]labels
Optional. Labels with user-defined metadata.

Inheritance

builtins.object > proto.message.Message > Certificate

Classes

LabelsEntry

LabelsEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)

API documentation for security.privateca_v1.types.Certificate.LabelsEntry class.

RevocationDetails

RevocationDetails(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Describes fields that are relavent to the revocation of a Certificate.