Class Certificate

A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof:

Output only. The resource name for this Certificate in the format ``projects/*/locations/*/caPools/*/certificates/*``.
Immutable. A pem-encoded X.509 certificate signing request (CSR). This field is a member of `oneof`_ ``certificate_config``.
Immutable. A description of the certificate and key that does not require X.509 or ASN.1. This field is a member of `oneof`_ ``certificate_config``.
Output only. The resource name of the issuing CertificateAuthority in the format ``projects/*/locations/*/caPools/*/certificateAuthorities/*``.
Required. Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format ``projects/*/locations/*/certificateTemplates/*``. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the ``DEFAULT`` subject mode will be used.
Output only. Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
Output only. The pem-encoded, signed X.509 certificate.
Output only. A structured description of the issued X.509 certificate.
Output only. The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
Output only. The time at which this Certificate was created.
Output only. The time at which this Certificate was updated.
Optional. Labels with user-defined metadata.


builtins.object > proto.message.Message > Certificate



LabelsEntry(mapping=None, *, ignore_unknown_fields=False, **kwargs)

API documentation for security.privateca_v1.types.Certificate.LabelsEntry class.


RevocationDetails(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Describes fields that are relavent to the revocation of a Certificate.