Stay organized with collections Save and categorize content based on your preferences.
An SSL certificate that a user has been authorized to administer. A user is authorized to administer any certificate that applies to one of their authorized domains.
JSON representation{
"name": string,
"id": string,
"displayName": string,
"domainNames": [
string
],
"expireTime": string,
"certificateRawData": {
object (CertificateRawData)
},
"managedCertificate": {
object (ManagedCertificate)
},
"visibleDomainMappings": [
string
],
"domainMappingsCount": integer
} Fields name
string
Full path to the AuthorizedCertificate resource in the API. Example: apps/myapp/authorizedCertificates/12345.
Note: This field is used in responses only. Any value specified here in a request is ignored.
id
string
Relative name of the certificate. This is a unique value autogenerated on AuthorizedCertificate resource creation. Example: 12345.
Note: This field is used in responses only. Any value specified here in a request is ignored.
displayName
string
The user-specified display name of the certificate. This is not guaranteed to be unique. Example: My Certificate.
domainNames[]
string
Topmost applicable domains of this certificate. This certificate applies to these domains and their subdomains. Example: example.com.
Note: This field is used in responses only. Any value specified here in a request is ignored.
expireTime
string (Timestamp format)
The time when this certificate expires. To update the renewal time on this certificate, upload an SSL certificate with a different expiration time using AuthorizedCertificates.UpdateAuthorizedCertificate.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
Note: This field is used in responses only. Any value specified here in a request is ignored.
certificateRawData
object (CertificateRawData)
The SSL certificate serving the AuthorizedCertificate resource. This must be obtained independently from a certificate authority.
managedCertificate
object (ManagedCertificate)
Only applicable if this certificate is managed by App Engine. Managed certificates are tied to the lifecycle of a DomainMapping and cannot be updated or deleted via the AuthorizedCertificates API. If this certificate is manually administered by the user, this field will be empty.
Note: This field is used in responses only. Any value specified here in a request is ignored.
visibleDomainMappings[]
string
The full paths to user visible Domain Mapping resources that have this certificate mapped. Example: apps/myapp/domainMappings/example.com.
This may not represent the full list of mapped domain mappings if the user does not have VIEWER permissions on all of the applications that have this certificate mapped. See domainMappingsCount for a complete count.
Only returned by GET or LIST requests when specifically requested by the view=FULL_CERTIFICATE option.
Note: This field is used in responses only. Any value specified here in a request is ignored.
domainMappingsCount
integer
Aggregate count of the domain mappings with this certificate mapped. This count includes domain mappings on applications for which the user does not have VIEWER permissions.
Only returned by GET or LIST requests when specifically requested by the view=FULL_CERTIFICATE option.
Note: This field is used in responses only. Any value specified here in a request is ignored.
CertificateRawDataAn SSL certificate obtained from a certificate authority.
JSON representation{
"publicCertificate": string,
"privateKey": string
} Fields publicCertificate
string
PEM encoded x.509 public key certificate. This field is set once on certificate creation. Must include the header and footer. Example:
-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----
privateKey
string
Unencrypted PEM encoded RSA private key. This field is set once on certificate creation and then encrypted. The key size must be 2048 bits or fewer. Must include the header and footer. Example:
-----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY-----
@InputOnly
ManagedCertificateA certificate managed by App Engine.
JSON representation{
"lastRenewalTime": string,
"status": enum (ManagementStatus)
} Fields lastRenewalTime
string (Timestamp format)
Time at which the certificate was last renewed. The renewal process is fully managed. Certificate renewal will automatically occur before the certificate expires. Renewal errors can be tracked via ManagementStatus.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
Note: This field is used in responses only. Any value specified here in a request is ignored.
status
enum (ManagementStatus)
Status of certificate management. Refers to the most recent certificate acquisition or renewal attempt.
Note: This field is used in responses only. Any value specified here in a request is ignored.
ManagementStatusState of certificate management. Refers to the most recent certificate acquisition or renewal attempt.
EnumsMANAGEMENT_STATUS_UNSPECIFIED OK Certificate was successfully obtained and inserted into the serving system. PENDING Certificate is under active attempts to acquire or renew. FAILED_RETRYING_NOT_VISIBLE Most recent renewal failed due to an invalid DNS setup and will be retried. Renewal attempts will continue to fail until the certificate domain's DNS configuration is fixed. The last successfully provisioned certificate may still be serving. FAILED_PERMANENT All renewal attempts have been exhausted, likely due to an invalid DNS setup. FAILED_RETRYING_CAA_FORBIDDEN Most recent renewal failed due to an explicit CAA record that does not include one of the in-use CAs (Google CA and Let's Encrypt). Renewals will continue to fail until the CAA is reconfigured. The last successfully provisioned certificate may still be serving. FAILED_RETRYING_CAA_CHECKING Most recent renewal failed due to a CAA retrieval failure. This means that the domain's DNS provider does not properly handle CAA records, failing requests for CAA records when no CAA records are defined. Renewals will continue to fail until the DNS provider is changed or a CAA record is added for the given domain. The last successfully provisioned certificate may still be serving. Methods create Uploads the specified SSL certificate. delete Deletes the specified SSL certificate. get Gets the specified SSL certificate. list Lists all SSL certificates the user is authorized to administer. patch Updates the specified SSL certificate.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-06-16 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-06-16 UTC."],[[["`AuthorizedCertificate` resources represent SSL certificates that users can manage, specifically those applicable to their authorized domains."],["`CertificateRawData` contains the actual SSL certificate data, including the PEM-encoded public key certificate and the encrypted private key, which are set upon creation."],["`ManagedCertificate` indicates whether a certificate is automatically managed by App Engine, including the timestamp of its last renewal and its current management status."],["`ManagementStatus` defines the current state of certificate management, detailing if a certificate has been successfully obtained, is pending, or has failed due to various reasons like DNS issues."],["There are several methods available for managing SSL certificates, including creating, deleting, retrieving, listing, and updating `AuthorizedCertificate` resources."]]],[]]
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4