Get started
Yandex Certificate Manager

Certificate

A set of methods for managing certificates.

JSON Representation

{
  "id": "string",
  "folderId": "string",
  "createdAt": "string",
  "name": "string",
  "description": "string",
  "labels": "object",
  "type": "string",
  "domains": [
    "string"
  ],
  "status": "string",
  "issuer": "string",
  "subject": "string",
  "serial": "string",
  "updatedAt": "string",
  "issuedAt": "string",
  "notAfter": "string",
  "notBefore": "string",
  "challenges": [
    {
      "domain": "string",
      "type": "string",
      "createdAt": "string",
      "updatedAt": "string",
      "status": "string",
      "message": "string",
      "error": "string",

      // `challenges[]` includes only one of the fields `dnsChallenge`, `httpChallenge`
      "dnsChallenge": {
        "name": "string",
        "type": "string",
        "value": "string"
      },
      "httpChallenge": {
        "url": "string",
        "content": "string"
      },
      // end of the list of possible fields`challenges[]`

    }
  ]
}
Field Description
id string

ID of the certificate. Generated at creation time.
folderId string

ID of the folder that the certificate belongs to.
createdAt string (date-time)

Creation timestamp.

String in RFC3339 text format.
name string

Name of the certificate. The name is unique within the folder.
description string

Description of the certificate.
labels object

Certificate labels as key:value pairs.
type string

Type of the certificate.

Supported certificate types.

  • IMPORTED: The certificate is imported by user.
  • MANAGED: The certificate is created by service.
domains[] string

Fully qualified domain names of the certificate.
status string

Status of the certificate.

  • VALIDATING: The certificate domains validation are required. Used only for managed certificates.
  • INVALID: The certificate issuance is failed. Used only for managed certificates.
  • ISSUED: The certificate is issued.
  • REVOKED: The certificate is revoked.
  • RENEWING: The certificate renewal is started. Used only for managed certificates.
  • RENEWAL_FAILED: The certificate renewal is failed. Used only for managed certificates.
issuer string

Distinguished Name of the certificate authority that issued the certificate.
subject string

Distinguished Name of the entity that is associated with the public key contained in the certificate.
serial string

Serial number of the certificate.
updatedAt string (date-time)

Time when the certificate is updated.

String in RFC3339 text format.
issuedAt string (date-time)

Time when the certificate is issued.

String in RFC3339 text format.
notAfter string (date-time)

Time after which the certificate is not valid.

String in RFC3339 text format.
notBefore string (date-time)

Time before which the certificate is not valid.

String in RFC3339 text format.
challenges[] object

Domain validation challenge.
challenges[].
domain		 string

Domain of the challenge.
challenges[].
type		 string
Type of the challenge.

Supported domain validation types.

  • DNS: Domain validation type that using DNS-records.
  • HTTP: Domain validation type that using HTTP-files.
challenges[].
createdAt		 string (date-time)

Time when the challenge is created.

String in RFC3339 text format.
challenges[].
updatedAt		 string (date-time)

Time when the challenge is updated.

String in RFC3339 text format.
challenges[].
status		 string
Status of the challenge.
  • PENDING: The challenge is waiting to be completed.
  • PROCESSING: The challenge is awaiting approval from Let's Encrypt.
  • VALID: The challenge is complete.
  • INVALID: The rights check for a specific domain failed or the one-week period allocated for the check expired.
challenges[].
message		 string

Description of the challenge.
challenges[].
error		 string

Error of the challenge.
challenges[].
dnsChallenge		 object
challenges[] includes only one of the fields dnsChallenge, httpChallenge
challenges[].
dnsChallenge.
name		 string

Name of the DNS record.
challenges[].
dnsChallenge.
type		 string

Type of the DNS-record.
challenges[].
dnsChallenge.
value		 string

Value of the DNS-record.
challenges[].
httpChallenge		 object
challenges[] includes only one of the fields dnsChallenge, httpChallenge
challenges[].
httpChallenge.
url		 string

Location of the HTTP file.
challenges[].
httpChallenge.
content		 string

Content of the HTTP file.

Methods

Method Description
create Creates a certificate in the specified folder.
delete Deletes the specified certificate.
get Returns the specified certificate.
list Returns the list of certificates in the specified folder.
listAccessBindings Lists existing access bindings for the specified certificate.
listOperations Lists operations for the specified certificate.
requestNew Request a certificate in the specified folder.
setAccessBindings Sets access bindings for the certificate.
update Updates the specified certificate.
updateAccessBindings Updates access bindings for the specified certificate.
In this article: