REST Resource: projects.locations.certificateTemplates
Stay organized with collections
Save and categorize content based on your preferences.
Resource: CertificateTemplate
| Fields |
name |
string
Identifier. The resource name for this CertificateTemplate in the format projects/*/locations/*/certificateTemplates/*.
|
maximumLifetime |
string (Duration format)
Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool resource's IssuancePolicy specifies a maximumLifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximumLifetime, the effective lifetime will be explicitly truncated to match it. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".
|
predefinedValues |
object (X509Parameters)
Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baselineValues for the same properties, the certificate issuance request will fail.
|
identityConstraints |
object (CertificateIdentityConstraints)
Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
|
passthroughExtensions |
object (CertificateExtensionConstraints)
Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthroughExtensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baselineValues that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefinedValues.
|
description |
string
Optional. A human-readable description of scenarios this template is intended for.
|
createTime |
string (Timestamp format)
Output only. The time at which this CertificateTemplate was created. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".
|
updateTime |
string (Timestamp format)
Output only. The time at which this CertificateTemplate was updated. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".
|
labels |
map (key: string, value: string)
Optional. Labels with user-defined metadata. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-05-30 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-30 UTC."],[[["\u003cp\u003eA \u003ccode\u003eCertificateTemplate\u003c/code\u003e is a managed template for issuing certificates, which can be referenced using the format \u003ccode\u003eprojects/*/locations/*/certificateTemplates/*\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eCertificateTemplate\u003c/code\u003e resource defines properties like \u003ccode\u003emaximumLifetime\u003c/code\u003e, \u003ccode\u003epredefinedValues\u003c/code\u003e, \u003ccode\u003eidentityConstraints\u003c/code\u003e, and \u003ccode\u003epassthroughExtensions\u003c/code\u003e to control certificate issuance.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003epredefinedValues\u003c/code\u003e allow setting X.509 properties on issued certificates, potentially overriding conflicting values from certificate requests.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003epassthroughExtensions\u003c/code\u003e field dictates which X.509 extensions are permitted in a certificate, dropping any that are not listed.\u003c/p\u003e\n"],["\u003cp\u003eSeveral methods are provided to manage \u003ccode\u003eCertificateTemplates\u003c/code\u003e, including creating, deleting, getting, listing, and updating templates, along with managing access control policies.\u003c/p\u003e\n"]]],[],null,["# REST Resource: projects.locations.certificateTemplates\n\n- [Resource: CertificateTemplate](#CertificateTemplate)\n - [JSON representation](#CertificateTemplate.SCHEMA_REPRESENTATION)\n- [Methods](#METHODS_SUMMARY)\n\nResource: CertificateTemplate\n-----------------------------\n\nA [CertificateTemplate](/certificate-authority-service/docs/reference/rest/v1/projects.locations.certificateTemplates#CertificateTemplate) refers to a managed template for certificate issuance."]]
