Certificate Manager Private CA API, gRPC: PrivateCaService.ImportCertificateAuthority
Imports an externally generated Certificate Authority (CA).
You can import an existing CA from external PKI systems.
gRPC request
rpc ImportCertificateAuthority (ImportCertificateAuthorityRequest) returns (operation.Operation)
ImportCertificateAuthorityRequest
{
"folder_id": "string",
"name": "string",
"description": "string",
"certificate_content": "string",
"key_pair": "string",
"passphrase": "string",
"end_entities_ttl_limit_days": "int64",
"deletion_protection": "bool"
}
Request to import an externally generated Certificate Authority (CA).
Field |
Description |
folder_id |
string Required field. Folder ID where the CA is being created. |
name |
string Required field. The name of the imported Certificate Authority. |
description |
string A brief description of the imported Certificate Authority. |
certificate_content |
string Required field. PEM-encoded certificate content for the Certificate Authority. |
key_pair |
string Required field. PEM-encoded key pair content for the CA (private key). |
passphrase |
string PEM-encoded passphrase to decrypt the private key (if applicable). |
end_entities_ttl_limit_days |
int64 TTL limit in days for end-entities signed by the CA. |
deletion_protection |
bool Protect the CA from accidental deletion. |
operation.Operation
{
"id": "string",
"description": "string",
"created_at": "google.protobuf.Timestamp",
"created_by": "string",
"modified_at": "google.protobuf.Timestamp",
"done": "bool",
"metadata": {
"certificate_authority_id": "string"
},
// Includes only one of the fields `error`, `response`
"error": "google.rpc.Status",
"response": {
"id": "string",
"folder_id": "string",
"name": "string",
"description": "string",
"parent_certificate_authority_id": "string",
"status": "Status",
"issued_at": "google.protobuf.Timestamp",
"not_after": "google.protobuf.Timestamp",
"not_before": "google.protobuf.Timestamp",
"crl_endpoint": "string",
"end_entities_ttl_limit_days": "int64",
"deletion_protection": "bool",
"created_at": "google.protobuf.Timestamp",
"updated_at": "google.protobuf.Timestamp"
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
Field |
Description |
id |
string ID of the operation. |
description |
string Description of the operation. 0-256 characters long. |
created_at |
Creation timestamp. |
created_by |
string ID of the user or service account who initiated the operation. |
modified_at |
The time when the Operation resource was last modified. |
done |
bool If the value is |
metadata |
ImportCertificateAuthorityMetadata Service-specific metadata associated with the operation. |
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
ImportCertificateAuthorityMetadata
Metadata for the ImportCertificateAuthority operation.
Field |
Description |
certificate_authority_id |
string The ID of the imported Certificate Authority. |
CertificateAuthority
A certificate authority (CA) used to sign certificates.
Field |
Description |
id |
string ID of the certificate authority. |
folder_id |
string ID of the folder that the certificate authority belongs to. |
name |
string Name of the certificate authority. |
description |
string Description of the certificate authority. |
parent_certificate_authority_id |
string ID of the parent certificate authority that signed this certificate authority if any. |
status |
enum Status Status of the certificate authority.
|
issued_at |
Time when the certificate authority was issued. |
not_after |
Time after which the certificate authority is not valid. |
not_before |
Time before which the certificate authority is not valid. |
crl_endpoint |
string Endpoint of the certificate revocation list (CRL) for the certificate authority. |
end_entities_ttl_limit_days |
int64 Maximum allowed TTL (in days) for end-entity certificates issued by this CA. |
deletion_protection |
bool Flag that protects deletion of the certificate authority. |
created_at |
Time when the certificate authority was created. |
updated_at |
Time when the certificate authority was last updated. |