Creates an alias from a key, certificate pair.
Generates a PKCS #10 Certificate Signing Request for the private key in
Deletes an alias.
Gets an alias.
getCertificate(name, x__xgafv=None)
Gets the certificate from an alias in PEM-encoded form.
update(name, body=None, ignoreExpiryValidation=None, ignoreNewlineValidation=None, x__xgafv=None)
Updates the certificate in an alias.
create(parent, body=None, format=None, ignoreNewlineValidation=None, alias=None, ignoreExpiryValidation=None, x_password=None, x__xgafv=None)
Creates an alias from a key, certificate pair.
The structure of the request is controlled by the `format` query parameter:
* `keycertfile` - Separate PEM-encoded key and certificate files are
uploaded. The request must have `Content-Type: multipart/form-data` and
include fields `keyFile` and `certFile`. If uploading to a truststore,
omit `keyFile`.
* `pkcs12` - A PKCS12 file is uploaded. The request must have
`Content-Type: multipart/form-data` with the file provided in the only
field.
* `selfsignedcert` - A new private key and certificate are generated. The
request must have `Content-Type: application/json` and a body of
CertificateGenerationSpec.
Args:
parent: string, Required. The name of the keystore. Must be of the form
`organizations/{organization}/environments/{environment}/keystores/{keystore}`. (required)
body: object, The request body.
The object takes the form of:
{ # Message that represents an arbitrary HTTP body. It should only be used for
# payload formats that can't be represented as JSON, such as raw binary or
# an HTML page.
#
#
# This message can be used both in streaming and non-streaming API methods in
# the request as well as the response.
#
# It can be used as a top-level request field, which is convenient if one
# wants to extract parameters from either the URL or HTTP template into the
# request fields and also want access to the raw HTTP body.
#
# Example:
#
# message GetResourceRequest {
# // A unique request id.
# string request_id = 1;
#
# // The raw HTTP body is bound to this field.
# google.api.HttpBody http_body = 2;
# }
#
# service ResourceService {
# rpc GetResource(GetResourceRequest) returns (google.api.HttpBody);
# rpc UpdateResource(google.api.HttpBody) returns
# (google.protobuf.Empty);
# }
#
# Example with streaming methods:
#
# service CaldavService {
# rpc GetCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# rpc UpdateCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# }
#
# Use of this type only changes how the request and response bodies are
# handled, all other features will continue to work unchanged.
"extensions": [ # Application specific response metadata. Must be set in the first response
# for streaming APIs.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
"contentType": "A String", # The HTTP Content-Type header value specifying the content type of the body.
"data": "A String", # The HTTP request/response body as raw binary.
}
format: string, Required. The format of the data. Must be either `selfsignedcert`,
`keycertfile`, or `pkcs12`.
ignoreNewlineValidation: boolean, If `true`, do not throw an error when the file contains a chain with no
newline between each certificate. By default, a newline is needed between
each certificate in a chain.
alias: string, The alias for the key, certificate pair. Values must match
regular expression `[\w\s-.]{1,255}`. This must be provided for all formats
except 'selfsignedcert'; self-signed certs may specify the alias in either
this parameter or the JSON body.
ignoreExpiryValidation: boolean, If `true`, no expiry validation will be performed.
x_password: string, The password for the private key file, if it exists.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A reference to a certificate or key, certificate pair.
"alias": "A String", # The resource ID for this alias. Values must match regular expression
# `[^/]{1,255}`.
"type": "A String", # The type of alias.
"certsInfo": { # The chain of certificates under this alias.
"certInfo": [ # The chain of certificates under this name.
{ # An X.509 certificate as defined in RFC 5280.
"basicConstraints": "A String", # The X.509 basic constraints extension.
"sigAlgName": "A String", # The X.509 signatureAlgorithm.
"expiryDate": "A String", # The X.509 validity / notAfter in milliseconds since the epoch.
"version": 42, # The X.509 version.
"subject": "A String", # The X.509 subject.
"validFrom": "A String", # The X.509 validity / notBefore in milliseconds since the
# epoch.
"subjectAlternativeNames": [ # The X.509 subject alternative names (SANs) extension.
"A String",
],
"serialNumber": "A String", # The X.509 serial number.
"issuer": "A String", # The X.509 issuer.
"isValid": "A String", # "Yes" if certificate is valid, "No" if expired and "Not yet"
# if not yet valid.
"publicKey": "A String", # The public key component of the X.509 subject public key info.
},
],
},
}
csr(name, x__xgafv=None)
Generates a PKCS #10 Certificate Signing Request for the private key in
an alias.
Args:
name: string, Required. The name of the alias. Must be of the form
`organizations/{organization}/environments/{environment}/keystores/{keystore}/aliases/{alias}`. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Message that represents an arbitrary HTTP body. It should only be used for
# payload formats that can't be represented as JSON, such as raw binary or
# an HTML page.
#
#
# This message can be used both in streaming and non-streaming API methods in
# the request as well as the response.
#
# It can be used as a top-level request field, which is convenient if one
# wants to extract parameters from either the URL or HTTP template into the
# request fields and also want access to the raw HTTP body.
#
# Example:
#
# message GetResourceRequest {
# // A unique request id.
# string request_id = 1;
#
# // The raw HTTP body is bound to this field.
# google.api.HttpBody http_body = 2;
# }
#
# service ResourceService {
# rpc GetResource(GetResourceRequest) returns (google.api.HttpBody);
# rpc UpdateResource(google.api.HttpBody) returns
# (google.protobuf.Empty);
# }
#
# Example with streaming methods:
#
# service CaldavService {
# rpc GetCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# rpc UpdateCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# }
#
# Use of this type only changes how the request and response bodies are
# handled, all other features will continue to work unchanged.
"extensions": [ # Application specific response metadata. Must be set in the first response
# for streaming APIs.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
"contentType": "A String", # The HTTP Content-Type header value specifying the content type of the body.
"data": "A String", # The HTTP request/response body as raw binary.
}
delete(name, x__xgafv=None)
Deletes an alias.
Args:
name: string, Required. The name of the alias. Must be of the form
`organizations/{organization}/environments/{environment}/keystores/{keystore}/aliases/{alias}`. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A reference to a certificate or key, certificate pair.
"alias": "A String", # The resource ID for this alias. Values must match regular expression
# `[^/]{1,255}`.
"type": "A String", # The type of alias.
"certsInfo": { # The chain of certificates under this alias.
"certInfo": [ # The chain of certificates under this name.
{ # An X.509 certificate as defined in RFC 5280.
"basicConstraints": "A String", # The X.509 basic constraints extension.
"sigAlgName": "A String", # The X.509 signatureAlgorithm.
"expiryDate": "A String", # The X.509 validity / notAfter in milliseconds since the epoch.
"version": 42, # The X.509 version.
"subject": "A String", # The X.509 subject.
"validFrom": "A String", # The X.509 validity / notBefore in milliseconds since the
# epoch.
"subjectAlternativeNames": [ # The X.509 subject alternative names (SANs) extension.
"A String",
],
"serialNumber": "A String", # The X.509 serial number.
"issuer": "A String", # The X.509 issuer.
"isValid": "A String", # "Yes" if certificate is valid, "No" if expired and "Not yet"
# if not yet valid.
"publicKey": "A String", # The public key component of the X.509 subject public key info.
},
],
},
}
get(name, x__xgafv=None)
Gets an alias.
Args:
name: string, Required. The name of the alias. Must be of the form
`organizations/{organization}/environments/{environment}/keystores/{keystore}/aliases/{alias}`. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A reference to a certificate or key, certificate pair.
"alias": "A String", # The resource ID for this alias. Values must match regular expression
# `[^/]{1,255}`.
"type": "A String", # The type of alias.
"certsInfo": { # The chain of certificates under this alias.
"certInfo": [ # The chain of certificates under this name.
{ # An X.509 certificate as defined in RFC 5280.
"basicConstraints": "A String", # The X.509 basic constraints extension.
"sigAlgName": "A String", # The X.509 signatureAlgorithm.
"expiryDate": "A String", # The X.509 validity / notAfter in milliseconds since the epoch.
"version": 42, # The X.509 version.
"subject": "A String", # The X.509 subject.
"validFrom": "A String", # The X.509 validity / notBefore in milliseconds since the
# epoch.
"subjectAlternativeNames": [ # The X.509 subject alternative names (SANs) extension.
"A String",
],
"serialNumber": "A String", # The X.509 serial number.
"issuer": "A String", # The X.509 issuer.
"isValid": "A String", # "Yes" if certificate is valid, "No" if expired and "Not yet"
# if not yet valid.
"publicKey": "A String", # The public key component of the X.509 subject public key info.
},
],
},
}
getCertificate(name, x__xgafv=None)
Gets the certificate from an alias in PEM-encoded form.
Args:
name: string, Required. The name of the alias. Must be of the form
`organizations/{organization}/environments/{environment}/keystores/{keystore}/aliases/{alias}`. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Message that represents an arbitrary HTTP body. It should only be used for
# payload formats that can't be represented as JSON, such as raw binary or
# an HTML page.
#
#
# This message can be used both in streaming and non-streaming API methods in
# the request as well as the response.
#
# It can be used as a top-level request field, which is convenient if one
# wants to extract parameters from either the URL or HTTP template into the
# request fields and also want access to the raw HTTP body.
#
# Example:
#
# message GetResourceRequest {
# // A unique request id.
# string request_id = 1;
#
# // The raw HTTP body is bound to this field.
# google.api.HttpBody http_body = 2;
# }
#
# service ResourceService {
# rpc GetResource(GetResourceRequest) returns (google.api.HttpBody);
# rpc UpdateResource(google.api.HttpBody) returns
# (google.protobuf.Empty);
# }
#
# Example with streaming methods:
#
# service CaldavService {
# rpc GetCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# rpc UpdateCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# }
#
# Use of this type only changes how the request and response bodies are
# handled, all other features will continue to work unchanged.
"extensions": [ # Application specific response metadata. Must be set in the first response
# for streaming APIs.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
"contentType": "A String", # The HTTP Content-Type header value specifying the content type of the body.
"data": "A String", # The HTTP request/response body as raw binary.
}
update(name, body=None, ignoreExpiryValidation=None, ignoreNewlineValidation=None, x__xgafv=None)
Updates the certificate in an alias.
Args:
name: string, Required. The name of the alias. Must be of the form
`organizations/{organization}/environments/{environment}/keystores/{keystore}/aliases/{alias}`. (required)
body: object, The request body.
The object takes the form of:
{ # Message that represents an arbitrary HTTP body. It should only be used for
# payload formats that can't be represented as JSON, such as raw binary or
# an HTML page.
#
#
# This message can be used both in streaming and non-streaming API methods in
# the request as well as the response.
#
# It can be used as a top-level request field, which is convenient if one
# wants to extract parameters from either the URL or HTTP template into the
# request fields and also want access to the raw HTTP body.
#
# Example:
#
# message GetResourceRequest {
# // A unique request id.
# string request_id = 1;
#
# // The raw HTTP body is bound to this field.
# google.api.HttpBody http_body = 2;
# }
#
# service ResourceService {
# rpc GetResource(GetResourceRequest) returns (google.api.HttpBody);
# rpc UpdateResource(google.api.HttpBody) returns
# (google.protobuf.Empty);
# }
#
# Example with streaming methods:
#
# service CaldavService {
# rpc GetCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# rpc UpdateCalendar(stream google.api.HttpBody)
# returns (stream google.api.HttpBody);
# }
#
# Use of this type only changes how the request and response bodies are
# handled, all other features will continue to work unchanged.
"extensions": [ # Application specific response metadata. Must be set in the first response
# for streaming APIs.
{
"a_key": "", # Properties of the object. Contains field @type with type URL.
},
],
"contentType": "A String", # The HTTP Content-Type header value specifying the content type of the body.
"data": "A String", # The HTTP request/response body as raw binary.
}
ignoreExpiryValidation: boolean, Required. If `true`, no expiry validation will be performed.
ignoreNewlineValidation: boolean, If `true`, do not throw an error when the file contains a chain with no
newline between each certificate. By default, a newline is needed between
each certificate in a chain.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A reference to a certificate or key, certificate pair.
"alias": "A String", # The resource ID for this alias. Values must match regular expression
# `[^/]{1,255}`.
"type": "A String", # The type of alias.
"certsInfo": { # The chain of certificates under this alias.
"certInfo": [ # The chain of certificates under this name.
{ # An X.509 certificate as defined in RFC 5280.
"basicConstraints": "A String", # The X.509 basic constraints extension.
"sigAlgName": "A String", # The X.509 signatureAlgorithm.
"expiryDate": "A String", # The X.509 validity / notAfter in milliseconds since the epoch.
"version": 42, # The X.509 version.
"subject": "A String", # The X.509 subject.
"validFrom": "A String", # The X.509 validity / notBefore in milliseconds since the
# epoch.
"subjectAlternativeNames": [ # The X.509 subject alternative names (SANs) extension.
"A String",
],
"serialNumber": "A String", # The X.509 serial number.
"issuer": "A String", # The X.509 issuer.
"isValid": "A String", # "Yes" if certificate is valid, "No" if expired and "Not yet"
# if not yet valid.
"publicKey": "A String", # The public key component of the X.509 subject public key info.
},
],
},
}