Class: Google::Cloud::Security::PrivateCA::V1::CertificateDescription

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/security/privateca/v1/resources.rb

Overview

A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

Defined Under Namespace

Classes: CertificateFingerprint, KeyId, SubjectDescription

Instance Attribute Summary collapse

Instance Attribute Details

#aia_issuing_certificate_urls::Array<::String>

Returns Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

Returns:

  • (::Array<::String>)

    Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#authority_key_id::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId

Returns Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1.



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#cert_fingerprint::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::CertificateFingerprint

Returns The hash of the x.509 certificate.



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#crl_distribution_points::Array<::String>

Returns Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13.

Returns:



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#public_key::Google::Cloud::Security::PrivateCA::V1::PublicKey

Returns The public key that corresponds to an issued certificate.

Returns:



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#subject_description::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::SubjectDescription

Returns Describes some of the values in a certificate that are related to the subject and lifetime.

Returns:



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#subject_key_id::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId

Returns Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

Returns:



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#x509_description::Google::Cloud::Security::PrivateCA::V1::X509Parameters

Returns Describes some of the technical X.509 fields in a certificate.

Returns:



829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 829

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most
  #     likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end