venafi.Certificate
Explore with Pulumi AI
Create Certificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
args: CertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Certificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
common_name: Optional[str] = None,
nickname: Optional[str] = None,
san_uris: Optional[Sequence[str]] = None,
country: Optional[str] = None,
csr_origin: Optional[str] = None,
csr_pem: Optional[str] = None,
custom_fields: Optional[Mapping[str, str]] = None,
ecdsa_curve: Optional[str] = None,
expiration_window: Optional[int] = None,
issuer_hint: Optional[str] = None,
key_password: Optional[str] = None,
valid_days: Optional[int] = None,
certificate_dn: Optional[str] = None,
pkcs12: Optional[str] = None,
organizational_units: Optional[Sequence[str]] = None,
organization: Optional[str] = None,
private_key_pem: Optional[str] = None,
renew_required: Optional[bool] = None,
rsa_bits: Optional[int] = None,
san_dns: Optional[Sequence[str]] = None,
san_emails: Optional[Sequence[str]] = None,
san_ips: Optional[Sequence[str]] = None,
algorithm: Optional[str] = None,
state: Optional[str] = None,
locality: Optional[str] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)
type: venafi:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. CertificateArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. CertificateArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. CertificateArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. CertificateArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. CertificateArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var certificateResource = new Venafi.Certificate("certificateResource", new()
{
CommonName = "string",
Nickname = "string",
SanUris = new[]
{
"string",
},
Country = "string",
CsrOrigin = "string",
CsrPem = "string",
CustomFields =
{
{ "string", "string" },
},
EcdsaCurve = "string",
ExpirationWindow = 0,
IssuerHint = "string",
KeyPassword = "string",
ValidDays = 0,
CertificateDn = "string",
Pkcs12 = "string",
OrganizationalUnits = new[]
{
"string",
},
Organization = "string",
PrivateKeyPem = "string",
RenewRequired = false,
RsaBits = 0,
SanDns = new[]
{
"string",
},
SanEmails = new[]
{
"string",
},
SanIps = new[]
{
"string",
},
Algorithm = "string",
State = "string",
Locality = "string",
});
example, err := venafi.NewCertificate(ctx, "certificateResource", &venafi.CertificateArgs{
CommonName: pulumi.String("string"),
Nickname: pulumi.String("string"),
SanUris: pulumi.StringArray{
pulumi.String("string"),
},
Country: pulumi.String("string"),
CsrOrigin: pulumi.String("string"),
CsrPem: pulumi.String("string"),
CustomFields: pulumi.StringMap{
"string": pulumi.String("string"),
},
EcdsaCurve: pulumi.String("string"),
ExpirationWindow: pulumi.Int(0),
IssuerHint: pulumi.String("string"),
KeyPassword: pulumi.String("string"),
ValidDays: pulumi.Int(0),
CertificateDn: pulumi.String("string"),
Pkcs12: pulumi.String("string"),
OrganizationalUnits: pulumi.StringArray{
pulumi.String("string"),
},
Organization: pulumi.String("string"),
PrivateKeyPem: pulumi.String("string"),
RenewRequired: pulumi.Bool(false),
RsaBits: pulumi.Int(0),
SanDns: pulumi.StringArray{
pulumi.String("string"),
},
SanEmails: pulumi.StringArray{
pulumi.String("string"),
},
SanIps: pulumi.StringArray{
pulumi.String("string"),
},
Algorithm: pulumi.String("string"),
State: pulumi.String("string"),
Locality: pulumi.String("string"),
})
var certificateResource = new Certificate("certificateResource", CertificateArgs.builder()
.commonName("string")
.nickname("string")
.sanUris("string")
.country("string")
.csrOrigin("string")
.csrPem("string")
.customFields(Map.of("string", "string"))
.ecdsaCurve("string")
.expirationWindow(0)
.issuerHint("string")
.keyPassword("string")
.validDays(0)
.certificateDn("string")
.pkcs12("string")
.organizationalUnits("string")
.organization("string")
.privateKeyPem("string")
.renewRequired(false)
.rsaBits(0)
.sanDns("string")
.sanEmails("string")
.sanIps("string")
.algorithm("string")
.state("string")
.locality("string")
.build());
certificate_resource = venafi.Certificate("certificateResource",
common_name="string",
nickname="string",
san_uris=["string"],
country="string",
csr_origin="string",
csr_pem="string",
custom_fields={
"string": "string",
},
ecdsa_curve="string",
expiration_window=0,
issuer_hint="string",
key_password="string",
valid_days=0,
certificate_dn="string",
pkcs12="string",
organizational_units=["string"],
organization="string",
private_key_pem="string",
renew_required=False,
rsa_bits=0,
san_dns=["string"],
san_emails=["string"],
san_ips=["string"],
algorithm="string",
state="string",
locality="string")
const certificateResource = new venafi.Certificate("certificateResource", {
commonName: "string",
nickname: "string",
sanUris: ["string"],
country: "string",
csrOrigin: "string",
csrPem: "string",
customFields: {
string: "string",
},
ecdsaCurve: "string",
expirationWindow: 0,
issuerHint: "string",
keyPassword: "string",
validDays: 0,
certificateDn: "string",
pkcs12: "string",
organizationalUnits: ["string"],
organization: "string",
privateKeyPem: "string",
renewRequired: false,
rsaBits: 0,
sanDns: ["string"],
sanEmails: ["string"],
sanIps: ["string"],
algorithm: "string",
state: "string",
locality: "string",
});
type: venafi:Certificate
properties:
algorithm: string
certificateDn: string
commonName: string
country: string
csrOrigin: string
csrPem: string
customFields:
string: string
ecdsaCurve: string
expirationWindow: 0
issuerHint: string
keyPassword: string
locality: string
nickname: string
organization: string
organizationalUnits:
- string
pkcs12: string
privateKeyPem: string
renewRequired: false
rsaBits: 0
sanDns:
- string
sanEmails:
- string
sanIps:
- string
sanUris:
- string
state: string
validDays: 0
Certificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Certificate resource accepts the following input properties:
- Common
Name This property is required. Changes to this property will trigger replacement.
- The common name of the certificate.
- Algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - Certificate
Dn string - Country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- Csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - Csr
Pem string - Custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- Ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- Expiration
Window int - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - Issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - Key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- Locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- Nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- Organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- Organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- Pkcs12 string
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - Private
Key stringPem - The private key in PEM format.
- Renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- Rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - San
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- San
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- San
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- San
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- State
Changes to this property will trigger replacement.
- State of the certificate (S)
- Valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- Common
Name This property is required. Changes to this property will trigger replacement.
- The common name of the certificate.
- Algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - Certificate
Dn string - Country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- Csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - Csr
Pem string - Custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- Ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- Expiration
Window int - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - Issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - Key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- Locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- Nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- Organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- Organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- Pkcs12 string
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - Private
Key stringPem - The private key in PEM format.
- Renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- Rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - San
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- San
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- San
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- San
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- State
Changes to this property will trigger replacement.
- State of the certificate (S)
- Valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- common
Name This property is required. Changes to this property will trigger replacement.
- The common name of the certificate.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate
Dn String - country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr
Pem String - custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration
Window Integer - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 String
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private
Key StringPem - The private key in PEM format.
- renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- common
Name This property is required. Changes to this property will trigger replacement.
- The common name of the certificate.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate
Dn string - country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr
Pem string - custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration
Window number - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 string
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private
Key stringPem - The private key in PEM format.
- renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- common_
name This property is required. Changes to this property will trigger replacement.
- The common name of the certificate.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate_
dn str - country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr_
origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr_
pem str - custom_
fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa_
curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration_
window int - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer_
hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key_
password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational_
units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 str
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private_
key_ strpem - The private key in PEM format.
- renew_
required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa_
bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san_
dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san_
emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san_
ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san_
uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid_
days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- common
Name This property is required. Changes to this property will trigger replacement.
- The common name of the certificate.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate
Dn String - country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr
Pem String - custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration
Window Number - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 String
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private
Key StringPem - The private key in PEM format.
- renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
Outputs
All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:
- Certificate
Details string - The X509 certificate in PEM format.
- Certificate
Id string - ID of the issued certificate
- Chain string
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- Id string
- The provider-assigned unique ID for this managed resource.
- Certificate string
- The X509 certificate in PEM format.
- Certificate
Id string - ID of the issued certificate
- Chain string
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- Id string
- The provider-assigned unique ID for this managed resource.
- certificate String
- The X509 certificate in PEM format.
- certificate
Id String - ID of the issued certificate
- chain String
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- id String
- The provider-assigned unique ID for this managed resource.
- certificate string
- The X509 certificate in PEM format.
- certificate
Id string - ID of the issued certificate
- chain string
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- id string
- The provider-assigned unique ID for this managed resource.
- certificate str
- The X509 certificate in PEM format.
- certificate_
id str - ID of the issued certificate
- chain str
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- id str
- The provider-assigned unique ID for this managed resource.
- certificate String
- The X509 certificate in PEM format.
- certificate
Id String - ID of the issued certificate
- chain String
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Certificate Resource
Get an existing Certificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CertificateState, opts?: CustomResourceOptions): Certificate
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
algorithm: Optional[str] = None,
certificate: Optional[str] = None,
certificate_dn: Optional[str] = None,
certificate_id: Optional[str] = None,
chain: Optional[str] = None,
common_name: Optional[str] = None,
country: Optional[str] = None,
csr_origin: Optional[str] = None,
csr_pem: Optional[str] = None,
custom_fields: Optional[Mapping[str, str]] = None,
ecdsa_curve: Optional[str] = None,
expiration_window: Optional[int] = None,
issuer_hint: Optional[str] = None,
key_password: Optional[str] = None,
locality: Optional[str] = None,
nickname: Optional[str] = None,
organization: Optional[str] = None,
organizational_units: Optional[Sequence[str]] = None,
pkcs12: Optional[str] = None,
private_key_pem: Optional[str] = None,
renew_required: Optional[bool] = None,
rsa_bits: Optional[int] = None,
san_dns: Optional[Sequence[str]] = None,
san_emails: Optional[Sequence[str]] = None,
san_ips: Optional[Sequence[str]] = None,
san_uris: Optional[Sequence[str]] = None,
state: Optional[str] = None,
valid_days: Optional[int] = None) -> Certificate
func GetCertificate(ctx *Context, name string, id IDInput, state *CertificateState, opts ...ResourceOption) (*Certificate, error)
public static Certificate Get(string name, Input<string> id, CertificateState? state, CustomResourceOptions? opts = null)
public static Certificate get(String name, Output<String> id, CertificateState state, CustomResourceOptions options)
resources: _: type: venafi:Certificate get: id: ${id}
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - Certificate
Details string - The X509 certificate in PEM format.
- Certificate
Dn string - Certificate
Id string - ID of the issued certificate
- Chain string
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- Common
Name Changes to this property will trigger replacement.
- The common name of the certificate.
- Country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- Csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - Csr
Pem string - Custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- Ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- Expiration
Window int - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - Issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - Key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- Locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- Nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- Organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- Organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- Pkcs12 string
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - Private
Key stringPem - The private key in PEM format.
- Renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- Rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - San
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- San
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- San
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- San
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- State
Changes to this property will trigger replacement.
- State of the certificate (S)
- Valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- Algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - Certificate string
- The X509 certificate in PEM format.
- Certificate
Dn string - Certificate
Id string - ID of the issued certificate
- Chain string
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- Common
Name Changes to this property will trigger replacement.
- The common name of the certificate.
- Country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- Csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - Csr
Pem string - Custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- Ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- Expiration
Window int - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - Issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - Key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- Locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- Nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- Organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- Organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- Pkcs12 string
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - Private
Key stringPem - The private key in PEM format.
- Renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- Rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - San
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- San
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- San
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- San
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- State
Changes to this property will trigger replacement.
- State of the certificate (S)
- Valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate String
- The X509 certificate in PEM format.
- certificate
Dn String - certificate
Id String - ID of the issued certificate
- chain String
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- common
Name Changes to this property will trigger replacement.
- The common name of the certificate.
- country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr
Pem String - custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration
Window Integer - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 String
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private
Key StringPem - The private key in PEM format.
- renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate string
- The X509 certificate in PEM format.
- certificate
Dn string - certificate
Id string - ID of the issued certificate
- chain string
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- common
Name Changes to this property will trigger replacement.
- The common name of the certificate.
- country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr
Pem string - custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration
Window number - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 string
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private
Key stringPem - The private key in PEM format.
- renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate str
- The X509 certificate in PEM format.
- certificate_
dn str - certificate_
id str - ID of the issued certificate
- chain str
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- common_
name Changes to this property will trigger replacement.
- The common name of the certificate.
- country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr_
origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr_
pem str - custom_
fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa_
curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration_
window int - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer_
hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key_
password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational_
units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 str
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private_
key_ strpem - The private key in PEM format.
- renew_
required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa_
bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san_
dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san_
emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san_
ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san_
uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid_
days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
- algorithm
Changes to this property will trigger replacement.
- Key encryption algorithm, either RSA or ECDSA. Defaults to
RSA
. - certificate String
- The X509 certificate in PEM format.
- certificate
Dn String - certificate
Id String - ID of the issued certificate
- chain String
- The trust chain of X509 certificate authority certificates in PEM format concatenated together.
- common
Name Changes to this property will trigger replacement.
- The common name of the certificate.
- country
Changes to this property will trigger replacement.
- Country of the certificate (C)
- csr
Origin Changes to this property will trigger replacement.
- Whether key-pair generation will be
local
orservice
generated. Default islocal
. - csr
Pem String - custom
Fields Changes to this property will trigger replacement.
- Collection of Custom Field name-value pairs to assign to the certificate.
- ecdsa
Curve Changes to this property will trigger replacement.
- ECDSA curve to use when generating a key
- expiration
Window Number - Number of hours before certificate expiry to request a new certificate.
Defaults to
168
. - issuer
Hint Changes to this property will trigger replacement.
- Used with
valid_days
to indicate the target issuer when using Trust Protection Platform. Relevant values are:DigiCert
,Entrust
, andMicrosoft
. - key
Password Changes to this property will trigger replacement.
- The password used to encrypt the private key.
- locality
Changes to this property will trigger replacement.
- Locality/City of the certificate (L)
- nickname
Changes to this property will trigger replacement.
- Use to specify a name for the new certificate object that will be created and placed in a policy. Only valid for Trust Protection Platform.
- organization
Changes to this property will trigger replacement.
- Organization of the certificate (O)
- organizational
Units Changes to this property will trigger replacement.
- List of Organizational Units of the certificate (OU)
- pkcs12 String
- A base64-encoded PKCS#12 keystore secured by the
key_password
. Useful when working with resources like azure key_vault_certificate. - private
Key StringPem - The private key in PEM format.
- renew
Required Changes to this property will trigger replacement.
- Indicates the certificate should be reissued. This means the resource will destroyed and recreated
- rsa
Bits Changes to this property will trigger replacement.
- Number of bits to use when generating an RSA key. Applies when algorithm is
RSA
. Defaults to2048
. - san
Dns Changes to this property will trigger replacement.
- List of DNS names to use as alternative subjects of the certificate.
- san
Emails Changes to this property will trigger replacement.
- List of email addresses to use as alternative subjects of the certificate.
- san
Ips Changes to this property will trigger replacement.
- List of IP addresses to use as alternative subjects of the certificate.
- san
Uris Changes to this property will trigger replacement.
- List of Uniform Resource Identifiers (URIs) to use as alternative subjects of the certificate.
- state
Changes to this property will trigger replacement.
- State of the certificate (S)
- valid
Days Changes to this property will trigger replacement.
- Desired number of days for which the new certificate will be valid.
Package Details
- Repository
- Venafi pulumi/pulumi-venafi
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
venafi
Terraform Provider.