Class: Google::Cloud::Security::PrivateCA::V1::CertificateDescription

Inherits:

Object

• Object
• Google::Cloud::Security::PrivateCA::V1::CertificateDescription

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/cloud/security/privateca/v1/resources.rb

Overview

A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

Defined Under Namespace

Classes: CertificateFingerprint, KeyId, SubjectDescription

Instance Attribute Summary

• #aia_issuing_certificate_urls ⇒ ::Array<::String>

  Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

• #authority_key_id ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId

  Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1.

• #cert_fingerprint ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::CertificateFingerprint

  The hash of the x.509 certificate.

• #crl_distribution_points ⇒ ::Array<::String>

  Describes a list of locations to obtain CRL information, i.e.

• #public_key ⇒ ::Google::Cloud::Security::PrivateCA::V1::PublicKey

  The public key that corresponds to an issued certificate.

• #subject_description ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::SubjectDescription

  Describes some of the values in a certificate that are related to the subject and lifetime.

• #subject_key_id ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId

  Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

• #tbs_certificate_digest ⇒ ::String

  The hash of the pre-signed certificate, which will be signed by the CA.

• #x509_description ⇒ ::Google::Cloud::Security::PrivateCA::V1::X509Parameters

  Describes some of the technical X.509 fields in a certificate.

Instance Attribute Details

#aia_issuing_certificate_urls ⇒ ::Array<::String>

Returns Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

Returns:

• (::Array<::String>) —

  Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#authority_key_id ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId

Returns Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1.

Returns:

• (::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId) —

  Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#cert_fingerprint ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::CertificateFingerprint

Returns The hash of the x.509 certificate.

Returns:

• (::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::CertificateFingerprint) —

  The hash of the x.509 certificate.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#crl_distribution_points ⇒ ::Array<::String>

Returns Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13.

Returns:

• (::Array<::String>) —

  Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#public_key ⇒ ::Google::Cloud::Security::PrivateCA::V1::PublicKey

Returns The public key that corresponds to an issued certificate.

Returns:

• (::Google::Cloud::Security::PrivateCA::V1::PublicKey) —

  The public key that corresponds to an issued certificate.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#subject_description ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::SubjectDescription

Returns Describes some of the values in a certificate that are related to the subject and lifetime.

Returns:

• (::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::SubjectDescription) —

  Describes some of the values in a certificate that are related to the subject and lifetime.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#subject_key_id ⇒ ::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId

Returns Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

Returns:

• (::Google::Cloud::Security::PrivateCA::V1::CertificateDescription::KeyId) —

  Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#tbs_certificate_digest ⇒ ::String

Returns The hash of the pre-signed certificate, which will be signed by the CA. Corresponds to the TBS Certificate in https://tools.ietf.org/html/rfc5280#section-4.1.2. The field will always be populated.

Returns:

• (::String) —

  The hash of the pre-signed certificate, which will be signed by the CA. Corresponds to the TBS Certificate in https://tools.ietf.org/html/rfc5280#section-4.1.2. The field will always be populated.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end

#x509_description ⇒ ::Google::Cloud::Security::PrivateCA::V1::X509Parameters

Returns Describes some of the technical X.509 fields in a certificate.

Returns:

• (::Google::Cloud::Security::PrivateCA::V1::X509Parameters) —

  Describes some of the technical X.509 fields in a certificate.

# File 'proto_docs/google/cloud/security/privateca/v1/resources.rb', line 1237

class CertificateDescription
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # These values describe fields in an issued X.509 certificate such as the
  # distinguished name, subject alternative names, serial number, and lifetime.
  # @!attribute [rw] subject
  #   @return [::Google::Cloud::Security::PrivateCA::V1::Subject]
  #     Contains distinguished name fields such as the common name, location and
  #     / organization.
  # @!attribute [rw] subject_alt_name
  #   @return [::Google::Cloud::Security::PrivateCA::V1::SubjectAltNames]
  #     The subject alternative name fields.
  # @!attribute [rw] hex_serial_number
  #   @return [::String]
  #     The serial number encoded in lowercase hexadecimal.
  # @!attribute [rw] lifetime
  #   @return [::Google::Protobuf::Duration]
  #     For convenience, the actual lifetime of an issued certificate.
  # @!attribute [rw] not_before_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time at which the certificate becomes valid.
  # @!attribute [rw] not_after_time
  #   @return [::Google::Protobuf::Timestamp]
  #     The time after which the certificate is expired.
  #     Per RFC 5280, the validity period for a certificate is the period of time
  #     from not_before_time through not_after_time, inclusive.
  #     Corresponds to 'not_before_time' + 'lifetime' - 1 second.
  class SubjectDescription
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A KeyId identifies a specific public key, usually by hashing the public
  # key.
  # @!attribute [rw] key_id
  #   @return [::String]
  #     Optional. The value of this KeyId encoded in lowercase hexadecimal. This
  #     is most likely the 160 bit SHA-1 hash of the public key.
  class KeyId
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # A group of fingerprints for the x509 certificate.
  # @!attribute [rw] sha256_hash
  #   @return [::String]
  #     The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
  class CertificateFingerprint
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end
end