public sealed class CertificateAuthority : IMessage<CertificateAuthority>, IEquatable<CertificateAuthority>, IDeepCloneable<CertificateAuthority>, IBufferMessage, IMessageReference documentation and code samples for the Certificate Authority v1 API class CertificateAuthority.
A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] represents an individual Certificate Authority. A [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] can be used to create [Certificates][google.cloud.security.privateca.v1.Certificate].
Implements
IMessageCertificateAuthority, IEquatableCertificateAuthority, IDeepCloneableCertificateAuthority, IBufferMessage, IMessageNamespace
Google.Cloud.Security.PrivateCA.V1Assembly
Google.Cloud.Security.PrivateCA.V1.dll
Constructors
CertificateAuthority()
public CertificateAuthority()CertificateAuthority(CertificateAuthority)
public CertificateAuthority(CertificateAuthority other)| Parameter | |
|---|---|
| Name | Description |
other |
CertificateAuthority |
Properties
AccessUrls
public CertificateAuthority.Types.AccessUrls AccessUrls { get; set; }Output only. URLs for accessing content published by this CA, such as the CA certificate and CRLs.
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthorityTypesAccessUrls |
|
CaCertificateDescriptions
public RepeatedField<CertificateDescription> CaCertificateDescriptions { get; }Output only. A structured description of this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s CA certificate and its issuers. Ordered as self-to-root.
| Property Value | |
|---|---|
| Type | Description |
RepeatedFieldCertificateDescription |
|
CertificateAuthorityName
public CertificateAuthorityName CertificateAuthorityName { get; set; }CertificateAuthorityName-typed view over the Name resource name property.
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthorityName |
|
Config
public CertificateConfig Config { get; set; }Required. Immutable. The config used to create a self-signed X.509 certificate or CSR.
| Property Value | |
|---|---|
| Type | Description |
CertificateConfig |
|
CreateTime
public Timestamp CreateTime { get; set; }Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] was created.
| Property Value | |
|---|---|
| Type | Description |
Timestamp |
|
DeleteTime
public Timestamp DeleteTime { get; set; }Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] was soft deleted, if it is in the [DELETED][google.cloud.security.privateca.v1.CertificateAuthority.State.DELETED] state.
| Property Value | |
|---|---|
| Type | Description |
Timestamp |
|
ExpireTime
public Timestamp ExpireTime { get; set; }Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] will be permanently purged, if it is in the [DELETED][google.cloud.security.privateca.v1.CertificateAuthority.State.DELETED] state.
| Property Value | |
|---|---|
| Type | Description |
Timestamp |
|
GcsBucket
public string GcsBucket { get; set; }Immutable. The name of a Cloud Storage bucket where this
[CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
will publish content, such as the CA certificate and CRLs. This must be a
bucket name, without any prefixes (such as gs://) or suffixes (such as
.googleapis.com). For example, to use a bucket named my-bucket, you
would simply specify my-bucket. If not specified, a managed bucket will
be created.
| Property Value | |
|---|---|
| Type | Description |
string |
|
KeySpec
public CertificateAuthority.Types.KeyVersionSpec KeySpec { get; set; }Required. Immutable. Used when issuing certificates for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]. If this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthorityTypesKeyVersionSpec |
|
Labels
public MapField<string, string> Labels { get; }Optional. Labels with user-defined metadata.
| Property Value | |
|---|---|
| Type | Description |
MapFieldstringstring |
|
Lifetime
public Duration Lifetime { get; set; }Required. Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
| Property Value | |
|---|---|
| Type | Description |
Duration |
|
Name
public string Name { get; set; }Identifier. The resource name for this
[CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]
in the format projects/*/locations/*/caPools/*/certificateAuthorities/*.
| Property Value | |
|---|---|
| Type | Description |
string |
|
PemCaCertificates
public RepeatedField<string> PemCaCertificates { get; }Output only. This [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s certificate chain, including the current [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority]'s certificate.
| Property Value | |
|---|---|
| Type | Description |
RepeatedFieldstring |
|
SatisfiesPzi
public bool SatisfiesPzi { get; set; }Output only. Reserved for future use.
| Property Value | |
|---|---|
| Type | Description |
bool |
|
SatisfiesPzs
public bool SatisfiesPzs { get; set; }Output only. Reserved for future use.
| Property Value | |
|---|---|
| Type | Description |
bool |
|
State
public CertificateAuthority.Types.State State { get; set; }Output only. The [State][google.cloud.security.privateca.v1.CertificateAuthority.State] for this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthorityTypesState |
|
SubordinateConfig
public SubordinateConfig SubordinateConfig { get; set; }Optional. If this is a subordinate [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority], this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] must continue to validate.
| Property Value | |
|---|---|
| Type | Description |
SubordinateConfig |
|
Tier
public CaPool.Types.Tier Tier { get; set; }Output only. The [CaPool.Tier][google.cloud.security.privateca.v1.CaPool.Tier] of the [CaPool][google.cloud.security.privateca.v1.CaPool] that includes this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
| Property Value | |
|---|---|
| Type | Description |
CaPoolTypesTier |
|
Type
public CertificateAuthority.Types.Type Type { get; set; }Required. Immutable. The [Type][google.cloud.security.privateca.v1.CertificateAuthority.Type] of this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority].
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthorityTypesType |
|
UpdateTime
public Timestamp UpdateTime { get; set; }Output only. The time at which this [CertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthority] was last updated.
| Property Value | |
|---|---|
| Type | Description |
Timestamp |
|
UserDefinedAccessUrls
public CertificateAuthority.Types.UserDefinedAccessUrls UserDefinedAccessUrls { get; set; }Optional. User-defined URLs for CA certificate and CRLs. The service does not publish content to these URLs. It is up to the user to mirror content to these URLs.
| Property Value | |
|---|---|
| Type | Description |
CertificateAuthorityTypesUserDefinedAccessUrls |
|