- HTTP request
- Path parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- Try it!
Returns the specified SslCertificate resource in the specified region. regionSslCertificates.get a list of available SSL certificates by making a list()
request.
HTTP request
GET https://compute.googleapis.com/compute/v1/projects/{project}/regions/{region}/sslCertificates/{sslCertificate}
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
project
|
Project ID for this request. |
region
|
Name of the region scoping this request. |
sslCertificate
|
Name of the SslCertificate resource to return. |
Request body
The request body must be empty.
Response body
Represents an SSL certificate resource.
Google Compute Engine has two SSL certificate resources:
The global SSL certificates ( sslCertificates
) are used by:
- Global external Application Load Balancers
- Classic Application Load Balancers
- Proxy Network Load Balancers (with target SSL proxies)
The regional SSL certificates ( regionSslCertificates
) are used by:
- Regional external Application Load Balancers
- Regional internal Application Load Balancers
Optionally, certificate file contents that you upload can contain a set of up to five PEM-encoded certificates. The API call creates an object (sslCertificate) that holds this data. You can use SSL keys and certificates to secure connections to a load balancer. For more information, read Creating and using SSL certificates , SSL certificates quotas and limits , and Troubleshooting SSL certificates .
If successful, the response body contains data with the following structure:
JSON representation |
---|
{ "kind" : string , "id" : string , "creationTimestamp" : string , "name" : string , "description" : string , "selfLink" : string , "certificate" : string , "privateKey" : string , "managed" : { "domains" : [ string ] , "status" : enum , "domainStatus" : { string : enum , ... } } , "selfManaged" : { "certificate" : string , "privateKey" : string } , "type" : enum , "subjectAlternativeNames" : [ string ] , "expireTime" : string , "region" : string } |
Fields | |
---|---|
kind
|
[Output Only] Type of the resource. Always |
id
|
[Output Only] The unique identifier for the resource. This identifier is defined by the server. |
creationTimestamp
|
[Output Only] Creation timestamp in RFC3339 text format. |
name
|
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035
. Specifically, the name must be 1-63 characters long and match the regular expression |
description
|
An optional description of this resource. Provide this property when you create the resource. |
selfLink
|
[Output only] Server-defined URL for the resource. |
certificate
|
A value read into memory from a certificate file. The certificate file must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. |
privateKey
|
A value read into memory from a write-only private key file. The private key file must be in PEM format. For security, only |
managed
|
Configuration and status of a managed SSL certificate. |
managed.domains[]
|
The domains for which a managed SSL certificate will be generated. Each Google-managed SSL certificate supports up to the maximum number of domains per Google-managed SSL certificate . |
managed.status
|
[Output only] Status of the managed certificate resource. |
managed.domainStatus
|
[Output only] Detailed statuses of the domains specified for managed certificate resource. |
selfManaged
|
Configuration and status of a self-managed SSL certificate. |
selfManaged.certificate
|
A local certificate file. The certificate must be in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. |
selfManaged.privateKey
|
A write-only private key in PEM format. Only |
type
|
(Optional) Specifies the type of SSL certificate, either "SELF_MANAGED" or "MANAGED". If not specified, the certificate is self-managed and the fields |
subjectAlternativeNames[]
|
[Output Only] Domains associated with the certificate via Subject Alternative Name. |
expireTime
|
[Output Only] Expire time of the certificate. RFC3339 |
region
|
[Output Only] URL of the region where the regional SSL Certificate resides. This field is not applicable to global SSL Certificate. |
Authorization scopes
Requires one of the following OAuth scopes:
-
https://www.googleapis.com/auth/compute.readonly
-
https://www.googleapis.com/auth/compute
-
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview .
IAM Permissions
In addition to any permissions specified on the fields above, authorization requires one or more of the following IAM permissions:
-
compute.regionSslCertificates.get
To find predefined roles that contain those permissions, see Compute Engine IAM Roles .