privateca/v1 library

Certificate Authority API - v1

The Certificate Authority Service API is a highly-available, scalable service that enables you to simplify and automate the management of private certificate authorities (CAs) while staying in control of your private keys.

For more information, see cloud.google.com/

Create an instance of CertificateAuthorityServiceApi to access these resources:

ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsResource - ProjectsLocationsCaPoolsCertificatesResource - ProjectsLocationsCertificateTemplatesResource - ProjectsLocationsOperationsResource

Classes

AccessUrls
URLs where a CertificateAuthority will publish content.
ActivateCertificateAuthorityRequest
Request message for CertificateAuthorityService.ActivateCertificateAuthority.
AllowedKeyType
Describes a "type" of key that may be used in a Certificate issued from a CaPool.
AuditConfig
Specifies the audit configuration for a service.
Binding
Associates members, or principals, with a role.
CaOptions
Describes the X.509 basic constraints extension, per RFC 5280 section 4.2.1.9
CaPool
A CaPool represents a group of CertificateAuthorities that form a trust anchor.
Certificate
A Certificate corresponds to a signed X.509 certificate issued by a CertificateAuthority.
CertificateAuthority
A CertificateAuthority represents an individual Certificate Authority.
CertificateAuthorityServiceApi
The Certificate Authority Service API is a highly-available, scalable service that enables you to simplify and automate the management of private certificate authorities (CAs) while staying in control of your private keys.
CertificateConfig
A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.
CertificateConfigKeyId
A KeyId identifies a specific public key, usually by hashing the public key.
CertificateDescription
A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.
CertificateExtensionConstraints
Describes a set of X.509 extensions that may be part of some certificate issuance controls.
CertificateFingerprint
A group of fingerprints for the x509 certificate.
CertificateIdentityConstraints
Describes constraints on a Certificate's Subject and SubjectAltNames.
CertificateRevocationList
A CertificateRevocationList corresponds to a signed X.509 certificate Revocation List (CRL).
CertificateTemplate
A CertificateTemplate refers to a managed template for certificate issuance.
DisableCertificateAuthorityRequest
Request message for CertificateAuthorityService.DisableCertificateAuthority.
EcKeyType
Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.
ExtendedKeyUsageOptions
KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.
FetchCaCertsResponse
Response message for CertificateAuthorityService.FetchCaCerts.
FetchCertificateAuthorityCsrResponse
Response message for CertificateAuthorityService.FetchCertificateAuthorityCsr.
IssuanceModes
IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.
IssuancePolicy
Defines controls over all certificate issuance within a CaPool.
KeyId
A KeyId identifies a specific public key, usually by hashing the public key.
KeyUsage
A KeyUsage describes key usage values that may appear in an X.509 certificate.
KeyUsageOptions
KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.
KeyVersionSpec
A Cloud KMS key configuration that a CertificateAuthority will use.
ListCaPoolsResponse
Response message for CertificateAuthorityService.ListCaPools.
ListCertificateAuthoritiesResponse
Response message for CertificateAuthorityService.ListCertificateAuthorities.
ListCertificateRevocationListsResponse
Response message for CertificateAuthorityService.ListCertificateRevocationLists.
ListCertificatesResponse
Response message for CertificateAuthorityService.ListCertificates.
ListCertificateTemplatesResponse
Response message for CertificateAuthorityService.ListCertificateTemplates.
ListLocationsResponse
The response message for Locations.ListLocations.
ListOperationsResponse
The response message for Operations.ListOperations.
NameConstraints
Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10
ObjectId
An ObjectId specifies an object identifier (OID).
Operation
This resource represents a long-running operation that is the result of a network API call.
Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
ProjectsLocationsCaPoolsCertificateAuthoritiesCertificateRevocationListsResource
ProjectsLocationsCaPoolsCertificateAuthoritiesResource
ProjectsLocationsCaPoolsCertificatesResource
ProjectsLocationsCaPoolsResource
ProjectsLocationsCertificateTemplatesResource
ProjectsLocationsOperationsResource
ProjectsLocationsResource
ProjectsResource
PublicKey
A PublicKey describes a public key.
PublishingOptions
Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates.
RevocationDetails
Describes fields that are relavent to the revocation of a Certificate.
RevokeCertificateRequest
Request message for CertificateAuthorityService.RevokeCertificate.
RevokedCertificate
Describes a revoked Certificate.
RsaKeyType
Describes an RSA key that may be used in a Certificate issued from a CaPool.
SetIamPolicyRequest
Request message for SetIamPolicy method.
Subject
Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.
SubjectAltNames
SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).
SubjectConfig
These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.
SubjectDescription
These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.
SubordinateConfig
Describes a subordinate CA's issuers.
SubordinateConfigChain
This message describes a subordinate CA's issuer certificate chain.
X509Extension
An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
X509Parameters
An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

Typedefs

AuditLogConfig = $AuditLogConfig
Provides the configuration for logging a type of permissions.
CancelOperationRequest = $Empty
The request message for Operations.CancelOperation.
CertChain = $CertChain
Empty = $Empty
A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.
EnableCertificateAuthorityRequest = $Request03
Request message for CertificateAuthorityService.EnableCertificateAuthority.
Expr = $Expr
Represents a textual expression in the Common Expression Language (CEL) syntax.
FetchCaCertsRequest = $Request03
Request message for CertificateAuthorityService.FetchCaCerts.
Location = $Location00
A resource that represents a Google Cloud location.
Status = $Status
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs.
TestIamPermissionsRequest = $TestIamPermissionsRequest00
Request message for TestIamPermissions method.
TestIamPermissionsResponse = $PermissionsResponse
Response message for TestIamPermissions method.
UndeleteCertificateAuthorityRequest = $Request03
Request message for CertificateAuthorityService.UndeleteCertificateAuthority.

Exceptions / Errors

ApiRequestError
Represents a general error reported by the API endpoint.
DetailedApiRequestError
Represents a specific error reported by the API endpoint.