- HTTP request
- Path parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- Try it!
Returns the specified SslCertificate resource.
HTTP request
GET https://compute.googleapis.com/compute/v1/projects/{project}/global/sslCertificates/{sslCertificate}
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
project |
Project ID for this request. |
ssl |
Name of the SslCertificate resource to return. |
Request body
The request body must be empty.
Response body
Represents an SSL certificate resource.
Google Compute Engine has two SSL certificate resources:
The global SSL certificates (sslCertificates
) are used by:
- Global external Application Load Balancers
- Classic Application Load Balancers
- Proxy Network Load Balancers (with target SSL proxies)
The regional SSL certificates (regionSslCertificates
) are used by:
- Regional external Application Load Balancers
- Regional internal Application Load Balancers
Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates, SSL certificates quotas and limits, and Troubleshooting SSL certificates.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "kind": string, "id": string, "creationTimestamp": string, "name": string, "description": string, "selfLink": string, "certificate": string, "privateKey": string, "managed": { "domains": [ string ], "status": enum, "domainStatus": { string: enum, ... } }, "selfManaged": { "certificate": string, "privateKey": string }, "type": enum, "subjectAlternativeNames": [ string ], "expireTime": string, "region": string } |
Fields | |
---|---|
kind |
[Output Only] Type of the resource. Always |
id |
[Output Only] The unique identifier for the resource. This identifier is defined by the server. |
creation |
[Output Only] Creation timestamp in RFC3339 text format. |
name |
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression |
description |
An optional description of this resource. Provide this property when you create the resource. |
self |
[Output only] Server-defined URL for the resource. |
certificate |
A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. |
private |
A value read into memory from a write-only private key file. The private key file must be in PEM format. For security, only |
managed |
Configuration and status of a managed SSL certificate. |
managed. |
The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the maximum number of domains per Google-managed SSL certificate. |
managed. |
[Output only] Status of the managed certificate resource. |
managed. |
[Output only] Detailed statuses of the domains specified for managed certificate resource. |
self |
Configuration and status of a self-managed SSL certificate. |
self |
A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. |
self |
A write-only private key in PEM format. Only |
type |
(Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields |
subject |
[Output Only] Domains associated with the certificate via Subject Alternative Name. |
expire |
[Output Only] Expire time of the certificate. RFC3339 |
region |
[Output Only] URL of the region where the regional SSL Certificate resides. This field is not applicable to global SSL Certificate. |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/compute.readonly
https://www.googleapis.com/auth/compute
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
In addition to any permissions specified on the fields above, authorization requires one or more of the following IAM permissions:
compute.sslCertificates.get
To find predefined roles that contain those permissions, see Compute Engine IAM Roles.