Certificate
Certificate
type Certificate {
fingerprint: ID!
issuanceCertificateAuthorityAccount: CertificateAuthorityAccount
productOption: CertificateAuthorityProductOption
importCertificateAuthorityAccount: CertificateAuthorityAccount
importOption: CertificateAuthorityImportOption
lastImportRunId: UUID
revocation: Revocation
id: ID!
name: String!
issuer: DirectoryName
validity: CertificateValidity
status: CertificateStatus!
isCurrent: Boolean!
isCA: Boolean!
isSelfSigned: Boolean!
archivedTime: DateTime
creationTime: DateTime!
lastModifiedTime: DateTime!
subject: DirectoryName
subjectAlternativeNames: [GeneralName!]
serialNumber: String!
publicKeyInformation: PublicKeyInformation!
signatureAlgorithm: String!
signatureHashAlgorithm: String!
extendedKeyUsages: [String!]
keyUsages: [CertificateKeyUsage!]
chain: [Certificate!]
relatedCertificates(
after: String
before: String
first: Int
last: Int
orderBy: [RelatedCertificateOrderInput!]
): CertificateConnection
certificateValidationErrors: [ValidationError!]
certificateErrorCount: ValidationErrorCount!
origins: [String!]!
groupId: ID!
lastModifiedBy: ID @deprecated
lastModifiedByUser: User
subjectKeyIdentifierHash: String!
authorityKeyIdentifierHash: String!
ocspNoCheck: Boolean!
pathLength: Int
requireExplicitPolicy: Int
inhibitPolicyMapping: Int
inhibitAnyPolicy: Int
globalRevocation: GlobalRevocation
isPublic: Boolean
projectedRenewals: ProjectedRenewals!
cloudInstallations: MachineIdentityConnection
compliancePolicyFindings: CompliancePolicyFindingConnection
tlsServerEndpoints(
after: String
before: String
first: Int
last: Int
): TLSServerEndpointConnection
errorCount: ValidationErrorCount!
certificateRequest: CertificateRequest
applications: [Application!]
dekHash: String
lastNotification: Int!
networkDiscovery: [NetworkDiscovery!]
hasTLSServerEndpoints: Boolean
hasTLSServerEndpointsValidationErrors: Boolean
machineInstallations(
after: String
before: String
first: Int
last: Int
): MachineInstallationConnection
tags: [Tag!]
clusterCertificateInstallations(
after: String
before: String
first: Int
last: Int
): ClusterCertificateInstallationConnection
hasClusterSourceTag: Boolean!
aggregatedKubernetesLabels: [AggregatedKubernetesTag]!
aggregatedKubernetesAnnotations: [AggregatedKubernetesTag]!
certManagerIssuer: CertManagerIssuer
}
Fields
Certificate.fingerprint ● ID! non-null scalar
The SHA-1 digest of the entire raw certificate
Certificate.issuanceCertificateAuthorityAccount ● CertificateAuthorityAccount object
Certificate.productOption ● CertificateAuthorityProductOption object
Certificate.importCertificateAuthorityAccount ● CertificateAuthorityAccount object
Certificate.importOption ● CertificateAuthorityImportOption object
Certificate.lastImportRunId ● UUID scalar
Certificate.revocation ● Revocation object
Certificate.id ● ID! non-null scalar
Certificate.name ● String! non-null scalar
Certificate.issuer ● DirectoryName object
Certificate.validity ● CertificateValidity object
Certificate.status ● CertificateStatus! non-null enum
Certificate.isCurrent ● Boolean! non-null scalar
Indicates if this certificate is the current (i.e. last) version of the certificate
Certificate.isCA ● Boolean! non-null scalar
Indicates if this certificate is a certificate authority certificate
Certificate.isSelfSigned ● Boolean! non-null scalar
Indicates if this certificate is a self signed certificate
Certificate.archivedTime ● DateTime scalar
Timestamp when a new version of this certificate was found (i.e. when isCurrent was set to FALSE)
Certificate.creationTime ● DateTime! non-null scalar
Timestamp when the certificate was created
Certificate.lastModifiedTime ● DateTime! non-null scalar
Timestamp of the last modification
Certificate.subject ● DirectoryName object
Certificate.subjectAlternativeNames ● [GeneralName!] list union
Certificate.serialNumber ● String! non-null scalar
Certificate.publicKeyInformation ● PublicKeyInformation! non-null union
Certificate.signatureAlgorithm ● String! non-null scalar
Certificate.signatureHashAlgorithm ● String! non-null scalar
Certificate.extendedKeyUsages ● [String!] list scalar
Certificate.keyUsages ● [CertificateKeyUsage!] list enum
Certificate.chain ● [Certificate!] list object
The certificates in the chain. This will return null for nested certificates.
Certificate.relatedCertificates ● CertificateConnection object
All other versions of the current certificate. This will return null for nested certificates.
The pagination can be either forward or backward. To enable forward pagination, two arguments are
used: after and first. To enable backward pagination, two arguments are used: before and last.
However, 'after' and 'before' arguments are only valid for 'certificate' queries (i.e. single certificate result)
If arguments for both forward and backward pagination are supplied, forward pagination will be used. If no arguments
are supplied, it returns the first page of 10 certificates (i.e. defaults first to 10). If orderBy is not
specified, the result will be sorted by fingerprints in ascending order.
Certificate.relatedCertificates.after ● String scalar
Certificate.relatedCertificates.before ● String scalar
Certificate.relatedCertificates.first ● Int scalar
Certificate.relatedCertificates.last ● Int scalar
Certificate.relatedCertificates.orderBy ● [RelatedCertificateOrderInput!] list input
Certificate.certificateValidationErrors ● [ValidationError!] list interface
Certificate.certificateErrorCount ● ValidationErrorCount! non-null object
Certificate.origins ● [String!]! non-null scalar
Certificate.groupId ● ID! non-null scalar
The group ID for this certificate. This is used to group older and newer versions of the same certificate.
Certificate.lastModifiedByUser ● User object
The user that last modified the certificate record, if any
Certificate.subjectKeyIdentifierHash ● String! non-null scalar
The subjectKeyIdentifier SHA1 hash value
Certificate.authorityKeyIdentifierHash ● String! non-null scalar
The authorityKeyIdentifier SHA1 hash value
Certificate.ocspNoCheck ● Boolean! non-null scalar
Returns true if the 'id-pkix-ocsp-nocheck' extension is defined
Certificate.pathLength ● Int scalar
The maximum path length for certificates subordinate to this certificate. This is only present for CA certificates
Certificate.requireExplicitPolicy ● Int scalar
Policy constraint indicating the number of additional certificates that may appear in the path before an explicit policy is required for the entire path
Certificate.inhibitPolicyMapping ● Int scalar
Policy constraint indicating the number of additional certificates that may appear in the path before policy mapping is no longer permitted
Certificate.inhibitAnyPolicy ● Int scalar
Indicates the number of additional non-self-issued certificates that may appear in the path before anyPolicy is no longer permitted
Certificate.globalRevocation ● GlobalRevocation object
Indicates the global revocation status of a certificate
Certificate.isPublic ● Boolean scalar
Indicates whether the certificate is issued by a trusted third-party Certificate Authority, such as DigiCert, GlobalSign, and is globally recognized by operating systems, browsers, and external users. When the value is true, the certificate is confirmed to be public. Otherwise, the public/private status of the certificate is unknown or cannot be determined.
Certificate.projectedRenewals ● ProjectedRenewals! non-null object
Indicates the number of times this certificate would be renewed in the future in a given year according to validity of the certificate. and CAB mandates
Certificate.cloudInstallations ● MachineIdentityConnection object
Certificate.compliancePolicyFindings ● CompliancePolicyFindingConnection object
CompliancePolicyFindings shows how many findings a particular certificate has against it
Certificate.tlsServerEndpoints ● TLSServerEndpointConnection object
Certificate.tlsServerEndpoints.after ● String scalar
Certificate.tlsServerEndpoints.before ● String scalar
Certificate.tlsServerEndpoints.first ● Int scalar
Certificate.tlsServerEndpoints.last ● Int scalar
Certificate.errorCount ● ValidationErrorCount! non-null object
Certificate.certificateRequest ● CertificateRequest object
Certificate.applications ● [Application!] list object
Certificate.dekHash ● String scalar
Certificate.lastNotification ● Int! non-null scalar
Certificate.networkDiscovery ● [NetworkDiscovery!] list object
Certificate.hasTLSServerEndpoints ● Boolean scalar
Certificate.hasTLSServerEndpointsValidationErrors ● Boolean scalar
Certificate.machineInstallations ● MachineInstallationConnection object
Machine installations collection associated with the certificate.
Certificate.machineInstallations.after ● String scalar
Certificate.machineInstallations.before ● String scalar
Certificate.machineInstallations.first ● Int scalar
Certificate.machineInstallations.last ● Int scalar
Certificate.tags ● [Tag!] list object
Certificate.clusterCertificateInstallations ● ClusterCertificateInstallationConnection object
Certificate.clusterCertificateInstallations.after ● String scalar
Certificate.clusterCertificateInstallations.before ● String scalar
Certificate.clusterCertificateInstallations.first ● Int scalar
Certificate.clusterCertificateInstallations.last ● Int scalar
Certificate.hasClusterSourceTag ● Boolean! non-null scalar
Certificate.aggregatedKubernetesLabels ● [AggregatedKubernetesTag]! non-null object
Certificate.aggregatedKubernetesAnnotations ● [AggregatedKubernetesTag]! non-null object
Certificate.certManagerIssuer ● CertManagerIssuer object
Show deprecated
Returned By
approveCertificateRevocation mutation ● certificate query ● getAllCertificates query ● getCertificate query ● revokeCertificate mutation
Member Of
Certificate object ● CertificateConnection object ● CertificateConnectionWithAggregates object ● CertificateEdge object ● ClusterCertificateBinding object ● ClusterSecret object ● CodeSignCertificateValues object ● MachineIdentity object
Implemented By
FindingResource union