SslCerts: insert

Requires authorization

Creates an SSL certificate and returns it along with the private key and server certificate authority.

For First Generation instances, the new certificate does not take effect until the instance is restarted.


HTTP request



Parameter name Value Description
Path parameters
instance string Cloud SQL instance ID. This does not include the project ID.
project string Project ID of the project that contains the instance.


This request requires authorization with at least one of the following scopes (read more about authentication and authorization).


Request body

In the request body, supply data with the following structure:

  "commonName": string
Property name Value Description Notes
commonName string User supplied name. Must be a distinct name from the other certificates for this instance.


If successful, this method returns a response body with the following structure:

  "kind": "sql#sslCertsInsert",
  "serverCaCert": sslCerts Resource,
  "clientCert": {
    "certInfo": sslCerts Resource,
    "certPrivateKey": string
  "operation": operations Resource
Property name Value Description Notes
kind string This is always sql#sslCertsInsert.
serverCaCert nested object The server Certificate Authority's certificate. If this is missing you can force a new one to be generated by calling resetSslConfig method on instances resource.
clientCert nested object The new client certificate and private key. The new certificate will not work until the instance is restarted for First Generation instances.
clientCert.certInfo nested object The public information about the cert.
clientCert.certPrivateKey string The private key for the client cert, in pem format. Keep private in order to protect your security.
operation nested object The operation to track the ssl certs insert request.

Monitor your resources on the go

Get the Google Cloud Console app to help you manage your projects.

Send feedback about...

Cloud SQL for MySQL