ListClientCertificate - Certificate Management Service - Alibaba Cloud Documentation Center

Queries the details of all client and server-side certificates.

Operation description

This API performs a paged query to retrieve the details of all client and server-side certificates that you have created. These details include the unique identifier, serial number, subject information, content, and status of each certificate.

QPS limit

The QPS limit for a single user is 10 calls per second. If you exceed this limit, your API calls are throttled, which may affect your business. Call this API at a reasonable rate.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

yundun-cert:ListClientCertificate

list

*All Resource

*

None

Request parameters

Parameter	Type	Required	Description	Example
CurrentPage	integer	No	The page number. The default value is 1.	1
ShowSize	integer	No	The number of certificates to return on each page. The default value is 20.	20
Identifier	string	No	The unique identifier of the client or server-side certificate that you want to query. Note You can call ListClientCertificate to query the unique identifiers of all client and server-side certificates.	160ae6bb538d538c70c01f81dcf2****
ResourceGroupId	string	No	The ID of the resource group. Call the ListResources operation to obtain this ID.	rg-ae******4wia

When you call this API, you must include the common request parameters for Alibaba Cloud APIs in addition to the request parameters described in this topic.

For the request format, see the request example in the Examples section of this topic.

Response elements

Element	Type	Description	Example
	object	ListCertificateResponse2
CertificateList	array<object>	A list of details about the client or server-side certificates.
	object	An object.
X509Certificate	string	The content of the certificate.	-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----
Identifier	string	The unique identifier of the certificate.	d3b95700998e47afc4d95f886579****
SerialNumber	string	The serial number of the certificate.	62b2b943a32d96883a6650e672ea0276****
SubjectDN	string	The Distinguished Name (DN) of the certificate. The DN indicates the user of the certificate and contains the following information: C: The country. O: The organization. OU: The department. L: The city. ST: The province or state. CN: The common name.	C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun
CommonName	string	The common name of the certificate.	aliyundoc.com
OrganizationUnit	string	The name of the department of the organization that is associated with the issuing subordinate certificate authority (CA) certificate.	Security
Organization	string	The name of the organization that is associated with the issuing subordinate CA certificate.	阿里云计算有限公司
Locality	string	The city where the organization associated with the issuing subordinate CA certificate is located.	Hangzhou
State	string	The name of the province or state where the organization associated with the issuing subordinate CA certificate is located.	Zhejiang
CountryCode	string	The country code of the country where the organization associated with the issuing subordinate CA certificate is located. For more information about country codes, see the Country codes section of Manage company information.	CN
Sans	string	The Subject Alternative Name (SAN) extension of the certificate. This extension indicates other domain names, IP addresses, and so on that are associated with the certificate. This parameter is a string that is converted from a JSON array. Each element in the JSON array is a struct that corresponds to a SAN extension. Each SAN extension struct contains the following parameters: Type: The type of the extension. This parameter is of the Integer type. Valid values: 1: an email address. 2: a domain name. 6: a Uniform Resource Identifier (URI). 7: an IP address. Value: The content of the extension. This parameter is of the String type.	[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ]
Status	string	The status of the certificate. Valid values: ISSUE: The certificate is issued. REVOKE: The certificate is revoked.	ISSUE
BeforeDate	integer	The issuance date of the certificate. This value is a UNIX timestamp. Unit: milliseconds.	1634283958000
AfterDate	integer	The expiration date of the certificate. This value is a UNIX timestamp. Unit: milliseconds.	1665819958000
Algorithm	string	The type of the encryption algorithm of the certificate. Valid values: RSA: RSA algorithm. ECC: ECC algorithm. SM2: SM2 algorithm.	RSA
KeySize	integer	The key length of the certificate.	4096
SignAlgorithm	string	The signature algorithm of the certificate.	SHA256WITHRSA
CertificateType	string	The type of the certificate. Valid values: CLIENT: a client certificate. SERVER: a server-side certificate.	SERVER
ParentIdentifier	string	The unique identifier of the subordinate CA certificate that issued this certificate.	160ae6bb538d538c70c01f81dcf2****
Sha2	string	The SHA-256 fingerprint of the certificate.	14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****
Md5	string	The MD5 fingerprint of the certificate.	d3b95700998e47afc4d95f886579****
Days	integer	The validity period of the certificate. Unit: days.	365
ResourceGroupId	string	The ID of the resource group to which the certificate belongs.	rg-acfmyxa2uv6cu5a
CustomIdentifier	string	The custom identifier, which is a unique key.	**48d8d3ecc9976d9ecd2b2f25**
Id	integer	The primary key ID of the certificate.
AliasName	string	The name of the issued certificate.
CurrentPage	integer	The page number of the returned page.	1
PageCount	integer	The total number of pages.	1
ShowSize	integer	The number of certificates returned per page.	20
TotalCount	integer	The total number of client and server-side certificates that are queried.	1
RequestId	string	The ID of the request.	15C66C7B-671A-4297-9187-2C4477247A74
MaxResults	integer	Paging parameter: the maximum number of entries in the result set.

Examples

Success response

JSON format

{
  "CertificateList": [
    {
      "X509Certificate": "-----BEGIN CERTIFICATE-----  ...... -----END CERTIFICATE-----",
      "Identifier": "d3b95700998e47afc4d95f886579****",
      "SerialNumber": "62b2b943a32d96883a6650e672ea0276****",
      "SubjectDN": "C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun",
      "CommonName": "aliyundoc.com",
      "OrganizationUnit": "Security",
      "Organization": "阿里云计算有限公司",
      "Locality": "Hangzhou",
      "State": "Zhejiang",
      "CountryCode": "CN",
      "Sans": "[ {\"Type\": 7, \"Value\": \"192.0.XX.XX\"}, {\"Type\": 2, \"Value\": \"www.aliyundoc.com\"}, ]",
      "Status": "ISSUE",
      "BeforeDate": 1634283958000,
      "AfterDate": 1665819958000,
      "Algorithm": "RSA",
      "KeySize": 4096,
      "SignAlgorithm": "SHA256WITHRSA",
      "CertificateType": "SERVER",
      "ParentIdentifier": "160ae6bb538d538c70c01f81dcf2****",
      "Sha2": "14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****",
      "Md5": "d3b95700998e47afc4d95f886579****",
      "Days": 365,
      "ResourceGroupId": "rg-acfmyxa2uv6cu5a",
      "CustomIdentifier": "****48d8d3ecc9976d9ecd2b2f25****",
      "Id": 0,
      "AliasName": ""
    }
  ],
  "CurrentPage": 1,
  "PageCount": 1,
  "ShowSize": 20,
  "TotalCount": 1,
  "RequestId": "15C66C7B-671A-4297-9187-2C4477247A74",
  "MaxResults": 0
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.