Certificate Manager Private CA API, REST: Policy.List
Retrieves the list of policies of the specified certificate authority.
HTTP request
GET https://private-ca.certificate-manager.api.cloud.yandex.net/privateca/v1/policies
Query parameters
Request message for listing policies.
|
Field |
Description |
|
certificateAuthorityId |
string Required field. ID of the certificate authority to list policies for. The maximum string length in characters is 50. |
|
pageSize |
string (int64) The maximum number of results per page to return. The maximum value is 100. |
|
pageToken |
string Page token. To get the next page of results, set The maximum string length in characters is 100. |
Response
HTTP Code: 200 - OK
{
"policy": [
{
"id": "string",
"certificateAuthorityId": "string",
"name": "string",
"subjectPolicy": {
"country": "string",
"organization": "string",
"organizationalUnit": "string",
"distinguishedNameQualifier": "string",
"stateOrProvince": "string",
"commonName": "string",
"emailAddress": "string",
"serialNumber": "string",
"locality": "string",
"title": "string",
"surname": "string",
"givenName": "string",
"initials": "string",
"generationQualifier": "string"
},
"sanPolicy": {
"otherNameOid": "string",
"rfc_822Name": "string",
"dnsName": "string",
"directoryName": "string",
"ediPartyName": {
"nameAssigner": "string",
"partyName": "string"
},
"uniformResourceIdentifier": "string",
"ipAddress": "string",
"registeredId": "string"
},
// Includes only one of the fields `keyUsagesWhiteList`, `keyUsagesBlackList`
"keyUsagesWhiteList": {
"keyUsage": [
"string"
]
},
"keyUsagesBlackList": {
"keyUsage": [
"string"
]
},
// end of the list of possible fields
// Includes only one of the fields `extendedKeyUsagesWhiteList`, `extendedKeyUsagesBlackList`
"extendedKeyUsagesWhiteList": {
"extendedKeyUsage": [
"string"
]
},
"extendedKeyUsagesBlackList": {
"extendedKeyUsage": [
"string"
]
},
// end of the list of possible fields
// Includes only one of the fields `extensionWhiteList`, `extensionBlackList`
"extensionWhiteList": {
"extensionOid": [
"string"
]
},
"extensionBlackList": {
"extensionOid": [
"string"
]
},
// end of the list of possible fields
"createdAt": "string",
"updatedAt": "string"
}
],
"nextPageToken": "string"
}
Response message for listing policies.
|
Field |
Description |
|
policy[] |
List of policies for the specified certificate authority. |
|
nextPageToken |
string This token allows you to get the next page of results for list requests. |
Policy
A policy defines the rules and constraints for issuing certificates within a certificate authority.
|
Field |
Description |
|
id |
string ID of the policy. |
|
certificateAuthorityId |
string ID of the certificate authority the policy belongs to. |
|
name |
string Name of the policy. |
|
subjectPolicy |
Policy for the subject field of the certificate. |
|
sanPolicy |
Policy for the Subject Alternative Name (SAN) extension of the certificate. |
|
keyUsagesWhiteList |
Whitelist of allowed key usages. Includes only one of the fields Policy for key usages. |
|
keyUsagesBlackList |
Blacklist of disallowed key usages. Includes only one of the fields Policy for key usages. |
|
extendedKeyUsagesWhiteList |
Whitelist of allowed extended key usages. Includes only one of the fields Policy for extended key usages. |
|
extendedKeyUsagesBlackList |
Blacklist of disallowed extended key usages. Includes only one of the fields Policy for extended key usages. |
|
extensionWhiteList |
Whitelist of allowed extensions. Includes only one of the fields Policy for certificate extensions. |
|
extensionBlackList |
Blacklist of disallowed extensions. Includes only one of the fields Policy for certificate extensions. |
|
createdAt |
string (date-time) Timestamp when the policy was created. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
|
updatedAt |
string (date-time) Timestamp when the policy was last updated. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
SubjectPolicy
Policy for the subject field of a certificate. Each string field could be a regexp
|
Field |
Description |
|
country |
string Allowed country name in the subject field. The maximum string length in characters is 1000. |
|
organization |
string Allowed organization name in the subject field. The maximum string length in characters is 1000. |
|
organizationalUnit |
string Allowed organizational unit name in the subject field. The maximum string length in characters is 1000. |
|
distinguishedNameQualifier |
string Allowed distinguished name qualifier in the subject field. The maximum string length in characters is 10000. |
|
stateOrProvince |
string Allowed state or province name in the subject field. The maximum string length in characters is 1000. |
|
commonName |
string Allowed common name in the subject field. The maximum string length in characters is 10000. |
|
emailAddress |
string Allowed email address in the subject field. The maximum string length in characters is 1000. |
|
serialNumber |
string Allowed serial number in the subject field. The maximum string length in characters is 100. |
|
locality |
string Allowed locality name in the subject field. The maximum string length in characters is 1000. |
|
title |
string Allowed title in the subject field. The maximum string length in characters is 1000. |
|
surname |
string Allowed surname in the subject field. The maximum string length in characters is 1000. |
|
givenName |
string Allowed given name in the subject field. The maximum string length in characters is 1000. |
|
initials |
string Allowed initials in the subject field. The maximum string length in characters is 1000. |
|
generationQualifier |
string Allowed generation qualifier in the subject field. The maximum string length in characters is 1000. |
SubjectAlternativeNamePolicy
Policy for the Subject Alternative Name (SAN) field of a certificate. Each string field could be a regexp
|
Field |
Description |
|
otherNameOid |
string Allowed OIDs of the other name in the SAN field. |
|
rfc_822Name |
string Allowed RFC 822 names (email addresses) in the SAN field. The maximum string length in characters is 1000. |
|
dnsName |
string Allowed DNS names in the SAN field. The maximum string length in characters is 1000. |
|
directoryName |
string Allowed directory names in the SAN field. The maximum string length in characters is 1000. |
|
ediPartyName |
Allowed EDI party names in the SAN field. |
|
uniformResourceIdentifier |
string Allowed URIs in the SAN field. The maximum string length in characters is 1000. |
|
ipAddress |
string Allowed IP addresses in the SAN field. The maximum string length in characters is 1000. |
|
registeredId |
string Allowed registered IDs in the SAN field. The maximum string length in characters is 1000. |
EdiPartyName
|
Field |
Description |
|
nameAssigner |
string Specifies the entity or authority that assigned the partyName The maximum string length in characters is 1000. |
|
partyName |
string The actual identifier of the EDI party The maximum string length in characters is 1000. |
KeyUsagePolicy
Policy for key usages in a certificate.
|
Field |
Description |
|
keyUsage[] |
enum (KeyUsageExtension) List of key usages that are allowed or disallowed.
|
ExtendedKeyUsagePolicy
Policy for extended key usages in a certificate.
|
Field |
Description |
|
extendedKeyUsage[] |
enum (ExtendedKeyUsageExtension) List of extended key usages that are allowed or disallowed.
|
ExtensionPolicy
Policy for certificate extensions.
|
Field |
Description |
|
extensionOid[] |
string List of extension OIDs that are allowed or disallowed. |