Связаться с намиПодключиться

Certificate Manager API, REST: Certificate.Get

Статья создана
Обновлена 17 декабря 2024 г.

Returns the specified certificate.

To get the list of available certificates, make a List request.

HTTP request

GET https://certificate-manager.api.cloud.yandex.net/certificate-manager/v1/certificates/{certificateId}

Path parameters

Field

Description

certificateId

string

Required field. ID of the certificate to return.

To get the ID of a certificate use a CertificateService.List request.

Query parameters

Field

Description

view

enum (CertificateView)

The output type of the certificate.

  • BASIC: Output basic information about the certificate.
  • FULL: Output full information about the certificate including domain challenges.

Response

HTTP Code: 200 - OK

{
  "id": "string",
  "folderId": "string",
  "createdAt": "string",
  "name": "string",
  "description": "string",
  "labels": "object",
  "type": "string",
  "domains": [
    "string"
  ],
  "status": "string",
  "issuer": "string",
  "subject": "string",
  "serial": "string",
  "updatedAt": "string",
  "issuedAt": "string",
  "notAfter": "string",
  "notBefore": "string",
  "challenges": [
    {
      "domain": "string",
      "type": "string",
      "createdAt": "string",
      "updatedAt": "string",
      "status": "string",
      "message": "string",
      "error": "string",
      // Includes only one of the fields `dnsChallenge`, `httpChallenge`
      "dnsChallenge": {
        "name": "string",
        "type": "string",
        "value": "string"
      },
      "httpChallenge": {
        "url": "string",
        "content": "string"
      }
      // end of the list of possible fields
    }
  ],
  "deletionProtection": "boolean",
  "incompleteChain": "boolean"
}

A certificate. For details about the concept, see documentation.

Field

Description

id

string

ID of the certificate. Generated at creation time.

folderId

string

ID of the folder that the certificate belongs to.

createdAt

string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

name

string

Name of the certificate.
The name is unique within the folder.

description

string

Description of the certificate.

labels

object (map<string, string>)

Certificate labels as key:value pairs.

type

enum (CertificateType)

Type of the certificate.

  • CERTIFICATE_TYPE_UNSPECIFIED
  • IMPORTED: The certificate is imported by user.
  • MANAGED: The certificate is created by service.

domains[]

string

Fully qualified domain names of the certificate.

status

enum (Status)

Status of the certificate.

  • STATUS_UNSPECIFIED
  • VALIDATING: The certificate domains validation are required. Used only for managed certificates.
  • INVALID: The certificate issuance is failed. Used only for managed certificates.
  • ISSUED: The certificate is issued.
  • REVOKED: The certificate is revoked.
  • RENEWING: The certificate renewal is started. Used only for managed certificates.
  • RENEWAL_FAILED: The certificate renewal is failed. Used only for managed certificates.

issuer

string

Distinguished Name of the certificate authority that issued the certificate.

subject

string

Distinguished Name of the entity that is associated with the public key contained in the certificate.

serial

string

Serial number of the certificate.

updatedAt

string (date-time)

Time when the certificate is updated.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

issuedAt

string (date-time)

Time when the certificate is issued.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

notAfter

string (date-time)

Time after which the certificate is not valid.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

notBefore

string (date-time)

Time before which the certificate is not valid.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

challenges[]

Challenge

Domains validation challenges of the certificate. Used only for managed certificates.

deletionProtection

boolean

Flag that protects deletion of the certificate

incompleteChain

boolean

Mark imported certificates without uploaded chain or with chain which not lead to root certificate

Challenge

Domain validation challenge.

Field

Description

domain

string

Domain of the challenge.

type

enum (ChallengeType)

Type of the challenge.

  • CHALLENGE_TYPE_UNSPECIFIED
  • DNS: Domain validation type that using DNS-records.
  • HTTP: Domain validation type that using HTTP-files.

createdAt

string (date-time)

Time when the challenge is created.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

updatedAt

string (date-time)

Time when the challenge is updated.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

status

enum (Status)

Status of the challenge.

  • STATUS_UNSPECIFIED
  • PENDING: The challenge is waiting to be completed.
  • PROCESSING: The challenge is awaiting approval from Let's Encrypt.
  • VALID: The challenge is complete.
  • INVALID: The rights check for a specific domain failed or the one-week period allocated for the check expired.

message

string

Description of the challenge.

error

string

Error of the challenge.

dnsChallenge

DnsRecord

DNS-record.

Includes only one of the fields dnsChallenge, httpChallenge.

Data of the challenge.

httpChallenge

HttpFile

HTTP-file.

Includes only one of the fields dnsChallenge, httpChallenge.

Data of the challenge.

DnsRecord

Field

Description

name

string

Name of the DNS record.

type

string

Type of the DNS-record.

value

string

Value of the DNS-record.

HttpFile

Field

Description

url

string

Location of the HTTP file.

content

string

Content of the HTTP file.
Предыдущая
Overview
Следующая
List