Method: sslCerts.insert

Creates an SSL certificate and returns it along with the private key and server certificate authority. The new certificate will not be usable until the instance is restarted.

HTTP request

POST https://sqladmin.googleapis.com/sql/v1beta4/projects/{project}/instances/{instance}/sslCerts

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
project

string

Project ID of the project that contains the instance.

instance

string

Cloud SQL instance ID. This does not include the project ID.

Request body

The request body contains an instance of SslCertsInsertRequest.

Response body

If successful, the response body contains data with the following structure:

SslCert insert response.

JSON representation
{
  "kind": string,
  "operation": {
    object (Operation)
  },
  "serverCaCert": {
    object (SslCert)
  },
  "clientCert": {
    object (SslCertDetail)
  }
}
Fields
kind

string

This is always sql#sslCertsInsert.

operation

object (Operation)

The operation to track the ssl certs insert request.

serverCaCert

object (SslCert)

The server Certificate Authority's certificate. If this is missing you can force a new one to be generated by calling resetSslConfig method on instances resource.

clientCert

object (SslCertDetail)

The new client certificate and private key.

Authorization Scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/cloud-platform
  • https://www.googleapis.com/auth/sqlservice.admin

For more information, see the Authentication Overview.

SslCertsInsertRequest

SslCerts insert request.

JSON representation
{
  "commonName": string
}
Fields
commonName

string

User supplied name. Must be a distinct name from the other certificates for this instance.

SslCertDetail

SslCertDetail.

JSON representation
{
  "certInfo": {
    object (SslCert)
  },
  "certPrivateKey": string
}
Fields
certInfo

object (SslCert)

The public information about the cert.

certPrivateKey

string

The private key for the client cert, in pem format. Keep private in order to protect your security.

Examples

Uses the .NET client library.

// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Cloud SQL Administration API
//    and check the quota for your project at
//    https://console.developers.google.com/apis/api/sqladmin
// 2. This sample uses Application Default Credentials for authentication.
//    If not already done, install the gcloud CLI from
//    https://cloud.google.com/sdk and run
//    `gcloud beta auth application-default login`.
//    For more information, see
//    https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install the C# client library by adding a dependency on the relevant NuGet
//    package. Libraries published by Google are owned by google-apis-packages:
//    https://www.nuget.org/profiles/google-apis-packages

using Google.Apis.Auth.OAuth2;
using Google.Apis.SQLAdmin.v1beta4;
using Google.Apis.Services;
using Newtonsoft.Json;
using System;
using System.Threading.Tasks;

using Data = Google.Apis.SQLAdmin.v1beta4.Data;

namespace SQLAdminSample
{
   
public class SQLAdminExample
   
{
       
public static void Main(string[] args)
       
{
           
SQLAdminService sqlAdminService = new SQLAdminService(new BaseClientService.Initializer
           
{
               
HttpClientInitializer = GetCredential(),
               
ApplicationName = "Google-SQLAdminSample/0.1",
           
});

           
// Project ID of the project to which the newly created Cloud SQL instances should belong.
           
string project = "my-project";  // TODO: Update placeholder value.

           
// Cloud SQL instance ID. This does not include the project ID.
           
string instance = "my-instance";  // TODO: Update placeholder value.

           
// TODO: Assign values to desired properties of `requestBody`:
           
Data.SslCertsInsertRequest requestBody = new Data.SslCertsInsertRequest();

           
SslCertsResource.InsertRequest request = sqlAdminService.SslCerts.Insert(requestBody, project, instance);

           
// To execute asynchronously in an async method, replace `request.Execute()` as shown:
           
Data.SslCertsInsertResponse response = request.Execute();
           
// Data.SslCertsInsertResponse response = await request.ExecuteAsync();

           
// TODO: Change code below to process the `response` object:
           
Console.WriteLine(JsonConvert.SerializeObject(response));
       
}

       
public static GoogleCredential GetCredential()
       
{
           
GoogleCredential credential = Task.Run(() => GoogleCredential.GetApplicationDefaultAsync()).Result;
           
if (credential.IsCreateScopedRequired)
           
{
                credential
= credential.CreateScoped("https://www.googleapis.com/auth/cloud-platform");
           
}
           
return credential;
       
}
   
}
}

Uses the Go client library.

package main

// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Cloud SQL Administration API
//    and check the quota for your project at
//    https://console.developers.google.com/apis/api/sqladmin
// 2. This sample uses Application Default Credentials for authentication.
//    If not already done, install the gcloud CLI from
//    https://cloud.google.com/sdk/ and run
//    `gcloud beta auth application-default login`.
//    For more information, see
//    https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install and update the Go dependencies by running `go get -u` in the
//    project directory.

import (
       
"fmt"
       
"log"

       
"golang.org/x/net/context"
       
"golang.org/x/oauth2/google"
       
"google.golang.org/api/sqladmin/v1beta4"
)

func main
() {
        ctx
:= context.Background()

        c
, err := google.DefaultClient(ctx, sqladmin.CloudPlatformScope)
       
if err != nil {
                log
.Fatal(err)
       
}

        sqladminService
, err := sqladmin.New(c)
       
if err != nil {
                log
.Fatal(err)
       
}

       
// Project ID of the project to which the newly created Cloud SQL instances should belong.
        project
:= "my-project" // TODO: Update placeholder value.

       
// Cloud SQL instance ID. This does not include the project ID.
        instance
:= "my-instance" // TODO: Update placeholder value.

        rb
:= &sqladmin.SslCertsInsertRequest{
               
// TODO: Add desired fields of the request body.
       
}

        resp
, err := sqladminService.SslCerts.Insert(project, instance, rb).Context(ctx).Do()
       
if err != nil {
                log
.Fatal(err)
       
}

       
// TODO: Change code below to process the `resp` object:
        fmt
.Printf("%#v\n", resp)
}

Uses the Java client library.

/*
 * BEFORE RUNNING:
 * ---------------
 * 1. If not already done, enable the Cloud SQL Administration API
 *    and check the quota for your project at
 *    https://console.developers.google.com/apis/api/sqladmin
 * 2. This sample uses Application Default Credentials for authentication.
 *    If not already done, install the gcloud CLI from
 *    https://cloud.google.com/sdk and run
 *    `gcloud beta auth application-default login`.
 *    For more information, see
 *    https://developers.google.com/identity/protocols/application-default-credentials
 * 3. Install the Java client library on Maven or Gradle. Check installation
 *    instructions at https://github.com/google/google-api-java-client.
 *    On other build systems, you can add the jar files to your project from
 *    https://developers.google.com/resources/api-libraries/download/sqladmin/v1beta4/java
 */


import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.services.sqladmin.SQLAdmin;
import com.google.api.services.sqladmin.model.SslCertsInsertRequest;
import com.google.api.services.sqladmin.model.SslCertsInsertResponse;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Arrays;

public class SqlAdminExample {
 
public static void main(String args[]) throws IOException, GeneralSecurityException {
   
// Project ID of the project to which the newly created Cloud SQL instances should belong.
   
String project = "my-project"; // TODO: Update placeholder value.

   
// Cloud SQL instance ID. This does not include the project ID.
   
String instance = "my-instance"; // TODO: Update placeholder value.

   
// TODO: Assign values to desired fields of `requestBody`:
   
SslCertsInsertRequest requestBody = new SslCertsInsertRequest();

   
SQLAdmin sqlAdminService = createSqlAdminService();
   
SQLAdmin.SslCerts.Insert request =
        sqlAdminService
.sslCerts().insert(project, instance, requestBody);

   
SslCertsInsertResponse response = request.execute();

   
// TODO: Change code below to process the `response` object:
   
System.out.println(response);
 
}

 
public static SQLAdmin createSqlAdminService() throws IOException, GeneralSecurityException {
   
HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();
   
JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();

   
GoogleCredential credential = GoogleCredential.getApplicationDefault();
   
if (credential.createScopedRequired()) {
      credential
=
          credential
.createScoped(Arrays.asList("https://www.googleapis.com/auth/cloud-platform"));
   
}

   
return new SQLAdmin.Builder(httpTransport, jsonFactory, credential)
       
.setApplicationName("Google-SQLAdminSample/0.1")
       
.build();
 
}
}

Uses the Node.js client library.

// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Cloud SQL Admin API
//    and check the quota for your project at
//    https://console.developers.google.com/apis/api/sqladmin
// 2. This sample uses Application Default Credentials for authentication.
//    If not already done, install the gcloud CLI from
//    https://cloud.google.com/sdk and run
//    `gcloud beta auth application-default login`.
//    For more information, see
//    https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install the Node.js client library by running
//    `npm install googleapis --save`

const {google} = require('googleapis');
var sqlAdmin = google.sqladmin('v1beta4');

authorize
(function(authClient) {
 
var request = {
   
// Project ID of the project that contains the instance.
    project
: 'my-project',  // TODO: Update placeholder value.

   
// Cloud SQL instance ID. This does not include the project ID.
    instance
: 'my-instance',  // TODO: Update placeholder value.

    resource
: {
     
// TODO: Add desired properties to the request body.
   
},

    auth
: authClient,
 
};

  sqlAdmin
.sslCerts.insert(request, function(err, response) {
   
if (err) {
      console
.error(err);
     
return;
   
}

   
// TODO: Change code below to process the `response` object:
    console
.log(JSON.stringify(response, null, 2));
 
});
});

function authorize(callback) {
  google
.auth.getClient({
    scopes
: ['https://www.googleapis.com/auth/cloud-platform']
 
}).then(client => {
    callback
(client);
 
}).catch(err => {
    console
.error('authentication failed: ', err);
 
});
}

Uses the PHP client library.

<?php
/*
 * BEFORE RUNNING:
 * ---------------
 * 1. If not already done, enable the Cloud SQL Administration API
 *    and check the quota for your project at
 *    https://console.developers.google.com/apis/api/sqladmin
 * 2. This sample uses Application Default Credentials for authentication.
 *    If not already done, install the gcloud CLI from
 *    https://cloud.google.com/sdk and run
 *    `gcloud beta auth application-default login`.
 *    For more information, see
 *    https://developers.google.com/identity/protocols/application-default-credentials
 * 3. Install the PHP client library with Composer. Check installation
 *    instructions at https://github.com/google/google-api-php-client.
 */


// Autoload Composer.
require_once __DIR__
. '/vendor/autoload.php';

$client
= new Google_Client();
$client
->setApplicationName('Google-SQLAdminSample/0.1');
$client
->useApplicationDefaultCredentials();
$client
->addScope('https://www.googleapis.com/auth/cloud-platform');

$service
= new Google_Service_SQLAdmin($client);

// Project ID of the project to which the newly created Cloud SQL instances should belong.
$project
= 'my-project';  // TODO: Update placeholder value.

// Cloud SQL instance ID. This does not include the project ID.
$instance
= 'my-instance';  // TODO: Update placeholder value.

// TODO: Assign values to desired properties of `requestBody`:
$requestBody
= new Google_Service_SQLAdmin_SslCertsInsertRequest();

$response
= $service->sslCerts->insert($project, $instance, $requestBody);

// TODO: Change code below to process the `response` object:
echo
'<pre>', var_export($response, true), '</pre>', "\n";
?>

Uses the Python client library.

"""
BEFORE RUNNING:
---------------
1. If not already done, enable the Cloud SQL Administration API
   and check the quota for your project at
   https://console.developers.google.com/apis/api/sqladmin
2. This sample uses Application Default Credentials for authentication.
   If not already done, install the gcloud CLI from
   https://cloud.google.com/sdk and run
   `gcloud beta auth application-default login`.
   For more information, see
   https://developers.google.com/identity/protocols/application-default-credentials
3. Install the Python client library for Google APIs by running
   `pip install --upgrade google-api-python-client`
"""

from pprint import pprint

from googleapiclient import discovery
from oauth2client.client import GoogleCredentials

credentials
= GoogleCredentials.get_application_default()

service
= discovery.build('sqladmin', 'v1beta4', credentials=credentials)

# Project ID of the project to which the newly created Cloud SQL instances should belong.
project
= 'my-project'  # TODO: Update placeholder value.

# Cloud SQL instance ID. This does not include the project ID.
instance
= 'my-instance'  # TODO: Update placeholder value.

ssl_certs_insert_request_body
= {
   
# TODO: Add desired entries to the request body.
}

request
= service.sslCerts().insert(project=project, instance=instance, body=ssl_certs_insert_request_body)
response
= request.execute()

# TODO: Change code below to process the `response` dict:
pprint
(response)

Uses the Ruby client library.

# BEFORE RUNNING:
# ---------------
# 1. If not already done, enable the Cloud SQL Administration API
#    and check the quota for your project at
#    https://console.developers.google.com/apis/api/sqladmin
# 2. This sample uses Application Default Credentials for authentication.
#    If not already done, install the gcloud CLI from
#    https://cloud.google.com/sdk and run
#    `gcloud beta auth application-default login`.
#    For more information, see
#    https://developers.google.com/identity/protocols/application-default-credentials
# 3. Install the Ruby client library and Application Default Credentials
#    library by running `gem install google-api-client` and
#    `gem install googleauth`

require 'googleauth'
require 'google/apis/sqladmin_v1beta4'

service
= Google::Apis::SqladminV1beta4::SqlAdminService.new

service
.authorization = \
   
Google::Auth.get_application_default(['https://www.googleapis.com/auth/cloud-platform'])

# Project ID of the project to which the newly created Cloud SQL instances should belong.
project
= 'my-project'  # TODO: Update placeholder value.

# Cloud SQL instance ID. This does not include the project ID.
instance
= 'my-instance'  # TODO: Update placeholder value.

# TODO: Assign values to desired members of `request_body`:
request_body
= Google::Apis::SqladminV1beta4::InsertSslCertsRequest.new

response
= service.insert_ssl_cert(project, instance, request_body)

# TODO: Change code below to process the `response` object:
puts response
.to_json