Certificate Manager Private CA API, REST: Policy.List
Retrieves the list of policies of the specified certificate authority.
HTTP request
GET https://private-ca.certificate-manager.api.cloud.yandex.net/privateca/v1/policies
Query parameters
Request message for listing policies.
Field |
Description |
certificateAuthorityId |
string Required field. ID of the certificate authority to list policies for. |
pageSize |
string (int64) The maximum number of results per page to return. |
pageToken |
string Page token. To get the next page of results, set |
Response
HTTP Code: 200 - OK
{
"policy": [
{
"id": "string",
"certificateAuthorityId": "string",
"name": "string",
"subjectPolicy": {
"country": "string",
"organization": "string",
"organizationalUnit": "string",
"distinguishedNameQualifier": "string",
"stateOrProvince": "string",
"commonName": "string",
"emailAddress": "string",
"serialNumber": "string",
"locality": "string",
"title": "string",
"surname": "string",
"givenName": "string",
"initials": "string",
"generationQualifier": "string"
},
"sanPolicy": {
"otherNameOid": "string",
"rfc_822Name": "string",
"dnsName": "string",
"directoryName": "string",
"ediPartyName": {
"nameAssigner": "string",
"partyName": "string"
},
"uniformResourceIdentifier": "string",
"ipAddress": "string",
"registeredId": "string"
},
// Includes only one of the fields `keyUsagesWhiteList`, `keyUsagesBlackList`
"keyUsagesWhiteList": {
"keyUsage": [
"string"
]
},
"keyUsagesBlackList": {
"keyUsage": [
"string"
]
},
// end of the list of possible fields
// Includes only one of the fields `extendedKeyUsagesWhiteList`, `extendedKeyUsagesBlackList`
"extendedKeyUsagesWhiteList": {
"extendedKeyUsage": [
"string"
]
},
"extendedKeyUsagesBlackList": {
"extendedKeyUsage": [
"string"
]
},
// end of the list of possible fields
// Includes only one of the fields `extensionWhiteList`, `extensionBlackList`
"extensionWhiteList": {
"extensionOid": [
"string"
]
},
"extensionBlackList": {
"extensionOid": [
"string"
]
},
// end of the list of possible fields
"createdAt": "string",
"updatedAt": "string"
}
],
"nextPageToken": "string"
}
Response message for listing policies.
Field |
Description |
policy[] |
List of policies for the specified certificate authority. |
nextPageToken |
string This token allows you to get the next page of results for list requests. |
Policy
A policy defines the rules and constraints for issuing certificates within a certificate authority.
Field |
Description |
id |
string ID of the policy. |
certificateAuthorityId |
string ID of the certificate authority the policy belongs to. |
name |
string Name of the policy. |
subjectPolicy |
Policy for the subject field of the certificate. |
sanPolicy |
Policy for the Subject Alternative Name (SAN) extension of the certificate. |
keyUsagesWhiteList |
Whitelist of allowed key usages. Includes only one of the fields Policy for key usages. |
keyUsagesBlackList |
Blacklist of disallowed key usages. Includes only one of the fields Policy for key usages. |
extendedKeyUsagesWhiteList |
Whitelist of allowed extended key usages. Includes only one of the fields Policy for extended key usages. |
extendedKeyUsagesBlackList |
Blacklist of disallowed extended key usages. Includes only one of the fields Policy for extended key usages. |
extensionWhiteList |
Whitelist of allowed extensions. Includes only one of the fields Policy for certificate extensions. |
extensionBlackList |
Blacklist of disallowed extensions. Includes only one of the fields Policy for certificate extensions. |
createdAt |
string (date-time) Timestamp when the policy was created. String in RFC3339 To work with values in this field, use the APIs described in the |
updatedAt |
string (date-time) Timestamp when the policy was last updated. String in RFC3339 To work with values in this field, use the APIs described in the |
SubjectPolicy
Policy for the subject field of a certificate. Each string field could be a regexp
Field |
Description |
country |
string Allowed country name in the subject field. |
organization |
string Allowed organization name in the subject field. |
organizationalUnit |
string Allowed organizational unit name in the subject field. |
distinguishedNameQualifier |
string Allowed distinguished name qualifier in the subject field. |
stateOrProvince |
string Allowed state or province name in the subject field. |
commonName |
string Allowed common name in the subject field. |
emailAddress |
string Allowed email address in the subject field. |
serialNumber |
string Allowed serial number in the subject field. |
locality |
string Allowed locality name in the subject field. |
title |
string Allowed title in the subject field. |
surname |
string Allowed surname in the subject field. |
givenName |
string Allowed given name in the subject field. |
initials |
string Allowed initials in the subject field. |
generationQualifier |
string Allowed generation qualifier in the subject field. |
SubjectAlternativeNamePolicy
Policy for the Subject Alternative Name (SAN) field of a certificate. Each string field could be a regexp
Field |
Description |
otherNameOid |
string Allowed OIDs of the other name in the SAN field. |
rfc_822Name |
string Allowed RFC 822 names (email addresses) in the SAN field. |
dnsName |
string Allowed DNS names in the SAN field. |
directoryName |
string Allowed directory names in the SAN field. |
ediPartyName |
Allowed EDI party names in the SAN field. |
uniformResourceIdentifier |
string Allowed URIs in the SAN field. |
ipAddress |
string Allowed IP addresses in the SAN field. |
registeredId |
string Allowed registered IDs in the SAN field. |
EdiPartyName
Field |
Description |
nameAssigner |
string Specifies the entity or authority that assigned the partyName |
partyName |
string The actual identifier of the EDI party |
KeyUsagePolicy
Policy for key usages in a certificate.
Field |
Description |
keyUsage[] |
enum (KeyUsageExtension) List of key usages that are allowed or disallowed.
|
ExtendedKeyUsagePolicy
Policy for extended key usages in a certificate.
Field |
Description |
extendedKeyUsage[] |
enum (ExtendedKeyUsageExtension) List of extended key usages that are allowed or disallowed.
|
ExtensionPolicy
Policy for certificate extensions.
Field |
Description |
extensionOid[] |
string List of extension OIDs that are allowed or disallowed. |