Skip to main content

Certificate

Certificate

type Certificate {
fingerprint: ID!
issuanceCertificateAuthorityAccount: CertificateAuthorityAccount
productOption: CertificateAuthorityProductOption
importCertificateAuthorityAccount: CertificateAuthorityAccount
importOption: CertificateAuthorityImportOption
lastImportRunId: UUID
revocation: Revocation
id: ID!
name: String!
issuer: DirectoryName
validity: CertificateValidity
status: CertificateStatus!
isCurrent: Boolean!
isCA: Boolean!
isSelfSigned: Boolean!
archivedTime: DateTime
creationTime: DateTime!
lastModifiedTime: DateTime!
subject: DirectoryName
subjectAlternativeNames: [GeneralName!]
serialNumber: String!
publicKeyInformation: PublicKeyInformation!
signatureAlgorithm: String!
signatureHashAlgorithm: String!
extendedKeyUsages: [String!]
keyUsages: [CertificateKeyUsage!]
chain: [Certificate!]
relatedCertificates(
after: String
before: String
first: Int
last: Int
orderBy: [RelatedCertificateOrderInput!]
): CertificateConnection
certificateValidationErrors: [ValidationError!]
certificateErrorCount: ValidationErrorCount!
origins: [String!]!
groupId: ID!
lastModifiedBy: ID @deprecated
lastModifiedByUser: User
subjectKeyIdentifierHash: String!
authorityKeyIdentifierHash: String!
ocspNoCheck: Boolean!
pathLength: Int
requireExplicitPolicy: Int
inhibitPolicyMapping: Int
inhibitAnyPolicy: Int
globalRevocation: GlobalRevocation
isPublic: Boolean
projectedRenewals: ProjectedRenewals!
cloudInstallations: MachineIdentityConnection
compliancePolicyFindings: CompliancePolicyFindingConnection
tlsServerEndpoints(
after: String
before: String
first: Int
last: Int
): TLSServerEndpointConnection
errorCount: ValidationErrorCount!
certificateRequest: CertificateRequest
applications: [Application!]
dekHash: String
lastNotification: Int!
networkDiscovery: [NetworkDiscovery!]
hasTLSServerEndpoints: Boolean
hasTLSServerEndpointsValidationErrors: Boolean
machineInstallations(
after: String
before: String
first: Int
last: Int
): MachineInstallationConnection
tags: [Tag!]
clusterCertificateInstallations(
after: String
before: String
first: Int
last: Int
): ClusterCertificateInstallationConnection
hasClusterSourceTag: Boolean!
aggregatedKubernetesLabels: [AggregatedKubernetesTag]!
aggregatedKubernetesAnnotations: [AggregatedKubernetesTag]!
certManagerIssuer: CertManagerIssuer
}

Fields

Certificate.fingerprint ● ID! non-null scalar

The SHA-1 digest of the entire raw certificate

Certificate.issuanceCertificateAuthorityAccount ● CertificateAuthorityAccount object

Certificate.productOption ● CertificateAuthorityProductOption object

Certificate.importCertificateAuthorityAccount ● CertificateAuthorityAccount object

Certificate.importOption ● CertificateAuthorityImportOption object

Certificate.lastImportRunId ● UUID scalar

Certificate.revocation ● Revocation object

Certificate.id ● ID! non-null scalar

Certificate.name ● String! non-null scalar

Certificate.issuer ● DirectoryName object

Certificate.validity ● CertificateValidity object

Certificate.status ● CertificateStatus! non-null enum

Certificate.isCurrent ● Boolean! non-null scalar

Indicates if this certificate is the current (i.e. last) version of the certificate

Certificate.isCA ● Boolean! non-null scalar

Indicates if this certificate is a certificate authority certificate

Certificate.isSelfSigned ● Boolean! non-null scalar

Indicates if this certificate is a self signed certificate

Certificate.archivedTime ● DateTime scalar

Timestamp when a new version of this certificate was found (i.e. when isCurrent was set to FALSE)

Certificate.creationTime ● DateTime! non-null scalar

Timestamp when the certificate was created

Certificate.lastModifiedTime ● DateTime! non-null scalar

Timestamp of the last modification

Certificate.subject ● DirectoryName object

Certificate.subjectAlternativeNames ● [GeneralName!] list union

Certificate.serialNumber ● String! non-null scalar

Certificate.publicKeyInformation ● PublicKeyInformation! non-null union

Certificate.signatureAlgorithm ● String! non-null scalar

Certificate.signatureHashAlgorithm ● String! non-null scalar

Certificate.extendedKeyUsages ● [String!] list scalar

Certificate.keyUsages ● [CertificateKeyUsage!] list enum

Certificate.chain ● [Certificate!] list object

The certificates in the chain. This will return null for nested certificates.

All other versions of the current certificate. This will return null for nested certificates. The pagination can be either forward or backward. To enable forward pagination, two arguments are used: after and first. To enable backward pagination, two arguments are used: before and last. However, 'after' and 'before' arguments are only valid for 'certificate' queries (i.e. single certificate result) If arguments for both forward and backward pagination are supplied, forward pagination will be used. If no arguments are supplied, it returns the first page of 10 certificates (i.e. defaults first to 10). If orderBy is not specified, the result will be sorted by fingerprints in ascending order.

Certificate.certificateValidationErrors ● [ValidationError!] list interface

Certificate.certificateErrorCount ● ValidationErrorCount! non-null object

Certificate.origins ● [String!]! non-null scalar

Certificate.groupId ● ID! non-null scalar

The group ID for this certificate. This is used to group older and newer versions of the same certificate.

Certificate.lastModifiedByUser ● User object

The user that last modified the certificate record, if any

Certificate.subjectKeyIdentifierHash ● String! non-null scalar

The subjectKeyIdentifier SHA1 hash value

Certificate.authorityKeyIdentifierHash ● String! non-null scalar

The authorityKeyIdentifier SHA1 hash value

Certificate.ocspNoCheck ● Boolean! non-null scalar

Returns true if the 'id-pkix-ocsp-nocheck' extension is defined

Certificate.pathLength ● Int scalar

The maximum path length for certificates subordinate to this certificate. This is only present for CA certificates

Certificate.requireExplicitPolicy ● Int scalar

Policy constraint indicating the number of additional certificates that may appear in the path before an explicit policy is required for the entire path

Certificate.inhibitPolicyMapping ● Int scalar

Policy constraint indicating the number of additional certificates that may appear in the path before policy mapping is no longer permitted

Certificate.inhibitAnyPolicy ● Int scalar

Indicates the number of additional non-self-issued certificates that may appear in the path before anyPolicy is no longer permitted

Certificate.globalRevocation ● GlobalRevocation object

Indicates the global revocation status of a certificate

Certificate.isPublic ● Boolean scalar

Indicates whether the certificate is issued by a trusted third-party Certificate Authority, such as DigiCert, GlobalSign, and is globally recognized by operating systems, browsers, and external users. When the value is true, the certificate is confirmed to be public. Otherwise, the public/private status of the certificate is unknown or cannot be determined.

Certificate.projectedRenewals ● ProjectedRenewals! non-null object

Indicates the number of times this certificate would be renewed in the future in a given year according to validity of the certificate. and CAB mandates

Certificate.cloudInstallations ● MachineIdentityConnection object

Certificate.compliancePolicyFindings ● CompliancePolicyFindingConnection object

CompliancePolicyFindings shows how many findings a particular certificate has against it

Certificate.tlsServerEndpoints ● TLSServerEndpointConnection object

Certificate.tlsServerEndpoints.after ● String scalar
Certificate.tlsServerEndpoints.before ● String scalar
Certificate.tlsServerEndpoints.first ● Int scalar
Certificate.tlsServerEndpoints.last ● Int scalar

Certificate.errorCount ● ValidationErrorCount! non-null object

Certificate.certificateRequest ● CertificateRequest object

Certificate.applications ● [Application!] list object

Certificate.dekHash ● String scalar

Certificate.lastNotification ● Int! non-null scalar

Certificate.networkDiscovery ● [NetworkDiscovery!] list object

Certificate.hasTLSServerEndpoints ● Boolean scalar

Certificate.hasTLSServerEndpointsValidationErrors ● Boolean scalar

Certificate.machineInstallations ● MachineInstallationConnection object

Machine installations collection associated with the certificate.

Certificate.machineInstallations.after ● String scalar
Certificate.machineInstallations.before ● String scalar
Certificate.machineInstallations.first ● Int scalar
Certificate.machineInstallations.last ● Int scalar

Certificate.tags ● [Tag!] list object

Certificate.clusterCertificateInstallations ● ClusterCertificateInstallationConnection object

Certificate.clusterCertificateInstallations.after ● String scalar
Certificate.clusterCertificateInstallations.before ● String scalar
Certificate.clusterCertificateInstallations.first ● Int scalar
Certificate.clusterCertificateInstallations.last ● Int scalar

Certificate.hasClusterSourceTag ● Boolean! non-null scalar

Certificate.aggregatedKubernetesLabels ● [AggregatedKubernetesTag]! non-null object

Certificate.aggregatedKubernetesAnnotations ● [AggregatedKubernetesTag]! non-null object

Certificate.certManagerIssuer ● CertManagerIssuer object

Show deprecated

Returned By

approveCertificateRevocation mutation ● certificate query ● getAllCertificates query ● getCertificate query ● revokeCertificate mutation

Member Of

Certificate object ● CertificateConnection object ● CertificateConnectionWithAggregates object ● CertificateEdge object ● ClusterCertificateBinding object ● ClusterSecret object ● CodeSignCertificateValues object ● MachineIdentity object

Implemented By

FindingResource union