Cloud CDN API, REST: Resource.Update

Field

Description

resourceId

string

Required field. ID of updated resource.

Field

Description

originGroupId

string (int64)

ID of updated origin group.

secondaryHostnames

SecondaryHostnames

List of additional CNAMEs.

options

ResourceOptions

Resource settings and options to tune CDN edge behavior.

originProtocol

enum (OriginProtocol)

Specify the protocol schema to be used in communication with origin.

• ORIGIN_PROTOCOL_UNSPECIFIED
• HTTP: CDN servers will connect to your origin via HTTP.
• HTTPS: CDN servers will connect to your origin via HTTPS.
• MATCH: Connection protocol will be chosen automatically (content on the
  origin source should be available for the CDN both through HTTP and HTTPS).

active

boolean

Flag to create Resource either in active or disabled state.
In active state Origins payload could be transmitted from CDN CNAME requests.
Default value: true

sslCertificate

SSLTargetCertificate

SSL Certificate options.

labels

object (map<string, string>)

Resource labels. At some point will be needed for granular detailing.

removeLabels

boolean

If flag is set to true resource labels will be deleted.

Field

Description

values[]

string

List of secondary hostname values.

Field

Description

disableCache

BoolOption

Set up a cache status.

edgeCacheSettings

EdgeCacheSettings

Set up EdgeCacheSettings.

browserCacheSettings

Int64Option

Using Int64Option. Set up a cache period for the end-users browser.
Content will be cached due to origin settings.
If there are no cache settings on your origin, the content will not be cached.
The list of HTTP response codes that can be cached in browsers: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.
Other response codes will not be cached.
The default value is 4 days.

cacheHttpHeaders

StringsListOption

List HTTP headers that must be included in responses to clients.

queryParamsOptions

QueryParamsOptions

Set up QueryParamsOptions.

slice

BoolOption

Files larger than 10 MB will be requested and cached in parts (no larger than 10 MB each part). It reduces time to first byte.

The origin must support HTTP Range requests.

By default the option is disabled.

compressionOptions

CompressionOptions

Set up compression variant.

redirectOptions

RedirectOptions

Set up redirects.

hostOptions

HostOptions

Set up host parameters.

staticHeaders

StringsMapOption

Set up static headers that CDN servers send in responses to clients.

cors

StringsListOption

Parameter that lets browsers get access to selected resources from a domain
different to a domain from which the request is received.
Read more.

stale

StringsListOption

List of errors which instruct CDN servers to serve stale content to clients.

Possible values: error, http_403, http_404, http_429, http_500, http_502, http_503, http_504, invalid_header, timeout, updating.

allowedHttpMethods

StringsListOption

HTTP methods for your CDN content. By default the following methods
are allowed: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS.
In case some methods are not allowed to the user, they will get the 405
(Method Not Allowed) response. If the method is not supported,
the user gets the 501 (Not Implemented) response.

proxyCacheMethodsSet

BoolOption

Allows caching for GET, HEAD and POST requests.

disableProxyForceRanges

BoolOption

Disabling proxy force ranges.

staticRequestHeaders

StringsMapOption

Set up custom headers that CDN servers send in requests to origins.
The Header name field can contain letters (A-Z, a-z), numbers (0-9), dashes (-) and underscores ().
The Value field can contain letters (A-Z, a-z), numbers (0-9), dashes (-),
underscores (), slashes (/), colons (:), equal (=), dots (.), and spaces.

customServerName

StringOption

Wildcard additional CNAME.
If a resource has a wildcard additional CNAME, you can use your own certificate for content delivery via HTTPS. Read-only.

ignoreCookie

BoolOption

Using BoolOption for ignoring cookie.

rewrite

RewriteOption

Changing or redirecting query paths.

secureKey

SecureKeyOption

Secure token to protect contect and limit access by IP addresses and time limits.

ipAddressAcl

IPAddressACLOption

Manage the state of the IP access policy option.
The option controls access to content from the specified IP addresses.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

boolean

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its values_variant is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

CachingTimes

Value of the option.

Includes only one of the fields value, defaultValue.

defaultValue

string (int64)

Content will be cached according to origin cache settings.
The value applies for a response with codes 200, 201, 204, 206, 301, 302, 303, 304, 307, 308
if an origin server does not have caching HTTP headers.
Responses with other codes will not be cached.

Includes only one of the fields value, defaultValue.

Field

Description

simpleValue

string (int64)

Caching time for a response with codes 200, 206, 301, 302.
Responses with codes 4xx, 5xx will not be cached. Use 0s disable to caching.
Use customValues field to specify a custom caching time for a response with specific codes.

customValues

object (map<string, string (int64)>)

Caching time for a response with specific codes. These settings have a higher priority than the value field.
Response code (304, 404 for example). Use any to specify caching time for all response codes.
Caching time in seconds (0s, 600s for example). Use 0s to disable caching for a specific response code.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

string (int64)

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value[]

string

Value of the option.

Field

Description

ignoreQueryString

BoolOption

Using BoolOption. Selected by default. Files with different query parameters are cached as objects with the same key regardless of the parameter value.

Includes only one of the fields ignoreQueryString, queryParamsWhitelist, queryParamsBlacklist.

queryParamsWhitelist

StringsListOption

Ignore All Except.
Files with the specified query parameters are cached as objects with different keys,
files with other parameters are cached as objects with the same key.

Includes only one of the fields ignoreQueryString, queryParamsWhitelist, queryParamsBlacklist.

queryParamsBlacklist

StringsListOption

Ignore only. Files with the specified query parameters are cached as objects with the same key,
files with other parameters are cached as objects with different keys.

Includes only one of the fields ignoreQueryString, queryParamsWhitelist, queryParamsBlacklist.

Field

Description

fetchCompressed

BoolOption

The Fetch compressed option helps you to reduce
the bandwidth between origin and CDN servers.
Also, content delivery speed becomes higher because of reducing the time
for compressing files in a CDN.

Includes only one of the fields fetchCompressed, gzipOn, brotliCompression.

gzipOn

BoolOption

Using BoolOption. GZip compression at CDN servers reduces file size by 70% and can be as high as 90%.

Includes only one of the fields fetchCompressed, gzipOn, brotliCompression.

brotliCompression

StringsListOption

The option allows to compress content with brotli on the CDN's end.

Compression is performed on the Origin Shielding. If a pre-cache server doesn't active for a resource, compression does not occur even if the option is enabled.

Specify the content-type for each type of content you wish to have compressed. CDN servers will request only uncompressed content from the origin.

Includes only one of the fields fetchCompressed, gzipOn, brotliCompression.

Field

Description

redirectHttpToHttps

BoolOption

Using BoolOption. Set up a redirect from HTTPS to HTTP.

Includes only one of the fields redirectHttpToHttps, redirectHttpsToHttp.

redirectHttpsToHttp

BoolOption

Using BoolOption. Set up a redirect from HTTP to HTTPS.

Includes only one of the fields redirectHttpToHttps, redirectHttpsToHttp.

Field

Description

host

StringOption

Custom value for the Host header.

Your server must be able to process requests with the chosen header.

Default value (if StringOption.enabled is false) is Resource.cname.

Includes only one of the fields host, forwardHostHeader.

forwardHostHeader

BoolOption

Using BoolOption. Choose the Forward Host header option if is important to send in the request to the Origin
the same Host header as was sent in the request to CDN server.

Includes only one of the fields host, forwardHostHeader.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

string

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

object (map<string, string>)

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its flag is applied to the resource.
False - the option is disabled and its default value of the flag is used for the resource.

body

string

Pattern for rewrite.

The value must have the following format: <source path> <destination path>, where both paths are regular expressions which use at least one group. E.g., /foo/(.*) /bar/$1.

flag

enum (RewriteFlag)

Break flag is applied to the option by default.
It is not shown in the field.

• REWRITE_FLAG_UNSPECIFIED
• LAST: Stops processing of the current set of ngx_http_rewrite_module directives and
  starts a search for a new location matching changed URI.
• BREAK: Stops processing of the current set of the Rewrite option.
• REDIRECT: Returns a temporary redirect with the 302 code; It is used when a replacement string does not start
  with "http://", "https://", or "$scheme".
• PERMANENT: Returns a permanent redirect with the 301 code.

Field

Description

enabled

boolean

True - the option is enabled and its flag is applied to the resource.
False - the option is disabled and its default value of the flag is used for the resource.

key

string

The key for the URL signing.

type

enum (SecureKeyURLType)

The type of the URL signing. The URL could be available for all IP addresses or for the only one IP.

• SECURE_KEY_URL_TYPE_UNSPECIFIED
• ENABLE_IP_SIGNING: Use scpecific IP address in URL signing. URL will be availible only for this IP.
• DISABLE_IP_SIGNING: Sign URL without using IP address. URL will be available for all IP addresses.

Field

Description

enabled

boolean

True - the option is enabled and its flag is applied to the resource.
False - the option is disabled and its default value of the flag is used for the resource.

policyType

enum (PolicyType)

The policy type. One of allow or deny value.

• POLICY_TYPE_UNSPECIFIED
• POLICY_TYPE_ALLOW: Allow access to all IP addresses except the ones specified in the excepted_values field.
• POLICY_TYPE_DENY: Block access to all IP addresses except the ones specified in the excepted_values field.

exceptedValues[]

string

The list of IP addresses to be allowed or denied.

Field

Description

type

enum (SSLCertificateType)

Type of the certificate.

• SSL_CERTIFICATE_TYPE_UNSPECIFIED: SSL certificate is unspecified.
• DONT_USE: No SSL certificate is added, the requests are sent via HTTP.
• LETS_ENCRYPT_GCORE: The option is deprecated. Works only if you have already pointed your domain name to the protected IP address in your DNS.
• CM: Add your SSL certificate by uploading the certificate in PEM format and your private key.

data

SSLCertificateData

Certificate data.

Field

Description

cm

SSLCertificateCMData

Custom (add your SSL certificate by uploading the certificate
in PEM format and your private key).

Includes only one of the fields cm.

Field

Description

id

string

ID of the custom certificate.

Field

Description

id

string

ID of the operation.

description

string

Description of the operation. 0-256 characters long.

createdAt

string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

createdBy

string

ID of the user or service account who initiated the operation.

modifiedAt

string (date-time)

The time when the Operation resource was last modified.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

done

boolean

If the value is false, it means the operation is still in progress.
If true, the operation is completed, and either error or response is available.

metadata

UpdateResourceMetadata

Service-specific metadata associated with the operation.
It typically contains the ID of the target resource that the operation is performed on.
Any method that returns a long-running operation should document the metadata type, if any.

error

Status

The error result of the operation in case of failure or cancellation.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

response

Resource

The normal response of the operation in case of success.
If the original method returns no data on success, such as Delete,
the response is google.protobuf.Empty.
If the original method is the standard Create/Update,
the response should be the target resource of the operation.
Any method that returns a long-running operation should document the response type, if any.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

Field

Description

resourceId

string

Required field. ID of updated resource.

Field

Description

code

integer (int32)

Error code. An enum value of google.rpc.Code.

message

string

An error message.

details[]

object

A list of messages that carry the error details.

Field

Description

id

string

ID of the resource.

folderId

string

Folder id.

cname

string

CDN endpoint CNAME, must be unique among resources.

createdAt

string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

updatedAt

string (date-time)

Update timestamp.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

active

boolean

Flag to create Resource either in active or disabled state.
True - the content from CDN is available to clients.
False - the content from CDN isn't available to clients.

options

ResourceOptions

Resource settings and options to tune CDN edge behavior.

secondaryHostnames[]

string

List of secondary hostname strings.

originGroupId

string (int64)

ID of the origin group.

originGroupName

string

Name of the origin group.

originProtocol

enum (OriginProtocol)

Specify the protocol schema to be used in communication with origin.

• ORIGIN_PROTOCOL_UNSPECIFIED
• HTTP: CDN servers will connect to your origin via HTTP.
• HTTPS: CDN servers will connect to your origin via HTTPS.
• MATCH: Connection protocol will be chosen automatically (content on the
  origin source should be available for the CDN both through HTTP and HTTPS).

sslCertificate

SSLCertificate

SSL certificate options.

labels

object (map<string, string>)

Labels of the resource.

Field

Description

disableCache

BoolOption

Set up a cache status.

edgeCacheSettings

EdgeCacheSettings

Set up EdgeCacheSettings.

browserCacheSettings

Int64Option

Using Int64Option. Set up a cache period for the end-users browser.
Content will be cached due to origin settings.
If there are no cache settings on your origin, the content will not be cached.
The list of HTTP response codes that can be cached in browsers: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308.
Other response codes will not be cached.
The default value is 4 days.

cacheHttpHeaders

StringsListOption

List HTTP headers that must be included in responses to clients.

queryParamsOptions

QueryParamsOptions

Set up QueryParamsOptions.

slice

BoolOption

Files larger than 10 MB will be requested and cached in parts (no larger than 10 MB each part). It reduces time to first byte.

The origin must support HTTP Range requests.

By default the option is disabled.

compressionOptions

CompressionOptions

Set up compression variant.

redirectOptions

RedirectOptions

Set up redirects.

hostOptions

HostOptions

Set up host parameters.

staticHeaders

StringsMapOption

Set up static headers that CDN servers send in responses to clients.

cors

StringsListOption

Parameter that lets browsers get access to selected resources from a domain
different to a domain from which the request is received.
Read more.

stale

StringsListOption

List of errors which instruct CDN servers to serve stale content to clients.

Possible values: error, http_403, http_404, http_429, http_500, http_502, http_503, http_504, invalid_header, timeout, updating.

allowedHttpMethods

StringsListOption

HTTP methods for your CDN content. By default the following methods
are allowed: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS.
In case some methods are not allowed to the user, they will get the 405
(Method Not Allowed) response. If the method is not supported,
the user gets the 501 (Not Implemented) response.

proxyCacheMethodsSet

BoolOption

Allows caching for GET, HEAD and POST requests.

disableProxyForceRanges

BoolOption

Disabling proxy force ranges.

staticRequestHeaders

StringsMapOption

Set up custom headers that CDN servers send in requests to origins.
The Header name field can contain letters (A-Z, a-z), numbers (0-9), dashes (-) and underscores ().
The Value field can contain letters (A-Z, a-z), numbers (0-9), dashes (-),
underscores (), slashes (/), colons (:), equal (=), dots (.), and spaces.

customServerName

StringOption

Wildcard additional CNAME.
If a resource has a wildcard additional CNAME, you can use your own certificate for content delivery via HTTPS. Read-only.

ignoreCookie

BoolOption

Using BoolOption for ignoring cookie.

rewrite

RewriteOption

Changing or redirecting query paths.

secureKey

SecureKeyOption

Secure token to protect contect and limit access by IP addresses and time limits.

ipAddressAcl

IPAddressACLOption

Manage the state of the IP access policy option.
The option controls access to content from the specified IP addresses.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

boolean

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its values_variant is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

CachingTimes

Value of the option.

Includes only one of the fields value, defaultValue.

defaultValue

string (int64)

Content will be cached according to origin cache settings.
The value applies for a response with codes 200, 201, 204, 206, 301, 302, 303, 304, 307, 308
if an origin server does not have caching HTTP headers.
Responses with other codes will not be cached.

Includes only one of the fields value, defaultValue.

Field

Description

simpleValue

string (int64)

Caching time for a response with codes 200, 206, 301, 302.
Responses with codes 4xx, 5xx will not be cached. Use 0s disable to caching.
Use customValues field to specify a custom caching time for a response with specific codes.

customValues

object (map<string, string (int64)>)

Caching time for a response with specific codes. These settings have a higher priority than the value field.
Response code (304, 404 for example). Use any to specify caching time for all response codes.
Caching time in seconds (0s, 600s for example). Use 0s to disable caching for a specific response code.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

string (int64)

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value[]

string

Value of the option.

Field

Description

ignoreQueryString

BoolOption

Using BoolOption. Selected by default. Files with different query parameters are cached as objects with the same key regardless of the parameter value.

Includes only one of the fields ignoreQueryString, queryParamsWhitelist, queryParamsBlacklist.

queryParamsWhitelist

StringsListOption

Ignore All Except.
Files with the specified query parameters are cached as objects with different keys,
files with other parameters are cached as objects with the same key.

Includes only one of the fields ignoreQueryString, queryParamsWhitelist, queryParamsBlacklist.

queryParamsBlacklist

StringsListOption

Ignore only. Files with the specified query parameters are cached as objects with the same key,
files with other parameters are cached as objects with different keys.

Includes only one of the fields ignoreQueryString, queryParamsWhitelist, queryParamsBlacklist.

Field

Description

fetchCompressed

BoolOption

The Fetch compressed option helps you to reduce
the bandwidth between origin and CDN servers.
Also, content delivery speed becomes higher because of reducing the time
for compressing files in a CDN.

Includes only one of the fields fetchCompressed, gzipOn, brotliCompression.

gzipOn

BoolOption

Using BoolOption. GZip compression at CDN servers reduces file size by 70% and can be as high as 90%.

Includes only one of the fields fetchCompressed, gzipOn, brotliCompression.

brotliCompression

StringsListOption

The option allows to compress content with brotli on the CDN's end.

Compression is performed on the Origin Shielding. If a pre-cache server doesn't active for a resource, compression does not occur even if the option is enabled.

Specify the content-type for each type of content you wish to have compressed. CDN servers will request only uncompressed content from the origin.

Includes only one of the fields fetchCompressed, gzipOn, brotliCompression.

Field

Description

redirectHttpToHttps

BoolOption

Using BoolOption. Set up a redirect from HTTPS to HTTP.

Includes only one of the fields redirectHttpToHttps, redirectHttpsToHttp.

redirectHttpsToHttp

BoolOption

Using BoolOption. Set up a redirect from HTTP to HTTPS.

Includes only one of the fields redirectHttpToHttps, redirectHttpsToHttp.

Field

Description

host

StringOption

Custom value for the Host header.

Your server must be able to process requests with the chosen header.

Default value (if StringOption.enabled is false) is Resource.cname.

Includes only one of the fields host, forwardHostHeader.

forwardHostHeader

BoolOption

Using BoolOption. Choose the Forward Host header option if is important to send in the request to the Origin
the same Host header as was sent in the request to CDN server.

Includes only one of the fields host, forwardHostHeader.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

string

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its value is applied to the resource.
False - the option is disabled and its default value is used for the resource.

value

object (map<string, string>)

Value of the option.

Field

Description

enabled

boolean

True - the option is enabled and its flag is applied to the resource.
False - the option is disabled and its default value of the flag is used for the resource.

body

string

Pattern for rewrite.

The value must have the following format: <source path> <destination path>, where both paths are regular expressions which use at least one group. E.g., /foo/(.*) /bar/$1.

flag

enum (RewriteFlag)

Break flag is applied to the option by default.
It is not shown in the field.

• REWRITE_FLAG_UNSPECIFIED
• LAST: Stops processing of the current set of ngx_http_rewrite_module directives and
  starts a search for a new location matching changed URI.
• BREAK: Stops processing of the current set of the Rewrite option.
• REDIRECT: Returns a temporary redirect with the 302 code; It is used when a replacement string does not start
  with "http://", "https://", or "$scheme".
• PERMANENT: Returns a permanent redirect with the 301 code.

Field

Description

enabled

boolean

True - the option is enabled and its flag is applied to the resource.
False - the option is disabled and its default value of the flag is used for the resource.

key

string

The key for the URL signing.

type

enum (SecureKeyURLType)

The type of the URL signing. The URL could be available for all IP addresses or for the only one IP.

• SECURE_KEY_URL_TYPE_UNSPECIFIED
• ENABLE_IP_SIGNING: Use scpecific IP address in URL signing. URL will be availible only for this IP.
• DISABLE_IP_SIGNING: Sign URL without using IP address. URL will be available for all IP addresses.

Field

Description

enabled

boolean

True - the option is enabled and its flag is applied to the resource.
False - the option is disabled and its default value of the flag is used for the resource.

policyType

enum (PolicyType)

The policy type. One of allow or deny value.

• POLICY_TYPE_UNSPECIFIED
• POLICY_TYPE_ALLOW: Allow access to all IP addresses except the ones specified in the excepted_values field.
• POLICY_TYPE_DENY: Block access to all IP addresses except the ones specified in the excepted_values field.

exceptedValues[]

string

The list of IP addresses to be allowed or denied.

Field

Description

type

enum (SSLCertificateType)

Type of the certificate.

• SSL_CERTIFICATE_TYPE_UNSPECIFIED: SSL certificate is unspecified.
• DONT_USE: No SSL certificate is added, the requests are sent via HTTP.
• LETS_ENCRYPT_GCORE: The option is deprecated. Works only if you have already pointed your domain name to the protected IP address in your DNS.
• CM: Add your SSL certificate by uploading the certificate in PEM format and your private key.

status

enum (SSLCertificateStatus)

Active status.

• SSL_CERTIFICATE_STATUS_UNSPECIFIED: SSL certificate is unspecified.
• READY: SSL certificate is ready to use.
• CREATING: The option is deprecated. SSL certificate is creating.

data

SSLCertificateData

Certificate data.

Field

Description

cm

SSLCertificateCMData

Custom (add your SSL certificate by uploading the certificate
in PEM format and your private key).

Includes only one of the fields cm.

Field

Description

id

string

ID of the custom certificate.