Yandex Cloud
Search
Contact UsGet started
  • Blog
  • Pricing
  • Documentation
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • ML & AI
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Customer Stories
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
  • Blog
  • Pricing
  • Documentation
Yandex project
© 2025 Yandex.Cloud LLC
Yandex Certificate Manager
  • Getting started
  • Access management
  • Pricing policy
  • Terraform reference
    • Authentication with the API
      • Overview
        • Overview
          • Overview
          • GenerateCertificateAuthority
          • GenerateCertificateAuthorityByCsr
          • ImportCertificateAuthority
          • GenerateCsrForCertificateAuthority
          • SendSignedCertificateOfCertificateAuthority
          • Delete
          • GetCsrForCertificateAuthority
          • Get
          • List
          • Update
          • ListAccessBindings
          • SetAccessBindings
          • UpdateAccessBindings
  • Monitoring metrics
  • Audit Trails events
  • Release notes
  • FAQ

In this article:

  • HTTP request
  • Path parameters
  • Response
  1. API reference
  2. REST
  3. Certificate Manager Private CA API
  4. PrivateCa
  5. Get

Certificate Manager Private CA API, REST: PrivateCa.Get

Written by
Yandex Cloud
Updated at December 17, 2024
  • HTTP request
  • Path parameters
  • Response

Retrieves detailed information about a specific Certificate Authority (CA).

HTTP requestHTTP request

GET https://private-ca.certificate-manager.api.cloud.yandex.net/privateca/v1/certificateAuthorities/{certificateAuthorityId}

Path parametersPath parameters

Request to get detailed information about an existing Certificate Authority.

Field

Description

certificateAuthorityId

string

Required field. The ID of the Certificate Authority to retrieve.
This must be a valid Certificate Authority ID in your account.

ResponseResponse

HTTP Code: 200 - OK

{
  "id": "string",
  "folderId": "string",
  "name": "string",
  "description": "string",
  "parentCertificateAuthorityId": "string",
  "status": "string",
  "issuedAt": "string",
  "notAfter": "string",
  "notBefore": "string",
  "crlEndpoint": "string",
  "endEntitiesTtlLimitDays": "string",
  "deletionProtection": "boolean",
  "createdAt": "string",
  "updatedAt": "string"
}

A certificate authority (CA) used to sign certificates.

Field

Description

id

string

ID of the certificate authority.

folderId

string

ID of the folder that the certificate authority belongs to.

name

string

Name of the certificate authority.

description

string

Description of the certificate authority.

parentCertificateAuthorityId

string

ID of the parent certificate authority that signed this certificate authority if any.

status

enum (Status)

Status of the certificate authority.

  • STATUS_UNSPECIFIED
  • UNSIGNED: The certificate authority is unsigned and pending signing.
  • ACTIVE: The certificate authority is active and can issue certificates.

issuedAt

string (date-time)

Time when the certificate authority was issued.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

notAfter

string (date-time)

Time after which the certificate authority is not valid.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

notBefore

string (date-time)

Time before which the certificate authority is not valid.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

crlEndpoint

string

Endpoint of the certificate revocation list (CRL) for the certificate authority.

endEntitiesTtlLimitDays

string (int64)

Maximum allowed TTL (in days) for end-entity certificates issued by this CA.

deletionProtection

boolean

Flag that protects deletion of the certificate authority.

createdAt

string (date-time)

Time when the certificate authority was created.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

updatedAt

string (date-time)

Time when the certificate authority was last updated.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

Was the article helpful?

Previous
GetCsrForCertificateAuthority
Next
List
Yandex project
© 2025 Yandex.Cloud LLC