CertificateConfig
Stay organized with collections
Save and categorize content based on your preferences.
A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.
| Fields |
subjectConfig |
object (SubjectConfig)
Required. Specifies some of the values in a certificate that are related to the subject.
|
x509Config |
object (X509Parameters)
Required. Describes how some of the technical X.509 fields in a certificate should be populated.
|
publicKey |
object (PublicKey)
Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
|
subjectKeyId |
object (KeyId)
Optional. When specified this provides a custom SKI to be used in the certificate. This should only be used to maintain a SKI of an existing CA originally created outside CA service, which was not generated using method (1) described in RFC 5280 section 4.2.1.2.
|
SubjectConfig
These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.
| Fields |
subject |
object (Subject)
Optional. Contains distinguished name fields such as the common name, location and organization.
|
subjectAltName |
object (SubjectAltNames)
Optional. The subject alternative name fields.
|
KeyId
A KeyId identifies a specific public key, usually by hashing the public key.
| JSON representation |
{
"keyId": string
} |
| Fields |
keyId |
string
Required. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-05-30 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-30 UTC."],[[["\u003cp\u003eA CertificateConfig defines an X.509 certificate or CSR structure, offering an alternative to ASN.1.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003esubjectConfig\u003c/code\u003e field specifies subject-related values, including distinguished name fields and alternative names within a certificate.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003ex509Config\u003c/code\u003e field determines how technical X.509 fields are populated in a certificate.\u003c/p\u003e\n"],["\u003cp\u003eThe optional \u003ccode\u003epublicKey\u003c/code\u003e field defines the public key, primarily used when issuing Certificates.\u003c/p\u003e\n"],["\u003cp\u003eThe optional \u003ccode\u003esubjectKeyId\u003c/code\u003e field allows for the use of a custom SKI in the certificate, generally for maintaining an existing CA's SKI created outside the CA service.\u003c/p\u003e\n"]]],[],null,["# CertificateConfig\n\n- [JSON representation](#SCHEMA_REPRESENTATION)\n- [SubjectConfig](#SubjectConfig)\n - [JSON representation](#SubjectConfig.SCHEMA_REPRESENTATION)\n- [KeyId](#KeyId)\n - [JSON representation](#KeyId.SCHEMA_REPRESENTATION)\n\nA [CertificateConfig](/certificate-authority-service/docs/reference/rest/v1/CertificateConfig) describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.\n\nSubjectConfig\n-------------\n\nThese values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.\n\nKeyId\n-----\n\nA KeyId identifies a specific public key, usually by hashing the public key."]]
