This operation queries the details of a specific client certificate or server-side certificate using its unique identifier.
Operation description
You can call this operation to query the details of a client certificate or a server-side certificate by its unique identifier. The details include the serial number, subject, content, and status of the certificate.
Before you call this operation, you must create a client certificate or a server-side certificate.
To create a client certificate by calling an API, see the following topics:
To create a server-side certificate by calling an API, see the following topics:
Limits
The queries per second (QPS) limit for this API call is 10 per user. If you exceed this limit, throttling is triggered, which may affect your business. Plan your calls accordingly.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
yundun-cert:DescribeClientCertificate |
get |
*All Resource
|
None | None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| Identifier |
string |
Yes |
The unique identifier of the client certificate or server-side certificate to query. Note
Call ListClientCertificate to query the unique identifiers of all client certificates and server-side certificates. |
d3b95700998e47afc4d95f886579**** |
In addition to the preceding request parameters, you must specify common request parameters when you call this API. For more information about common request parameters, see Common Parameters.
For the request format, see the request sample in the Examples section of this topic.
Response elements
|
Element |
Type |
Description |
Example |
|
object |
DescribeCertificateResponse<CertificateWithContentDTO> |
||
| Certificate |
object |
The details of the client certificate or server-side certificate. |
|
| X509Certificate |
string |
The content of the certificate. |
-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE----- |
| Identifier |
string |
The unique identifier of the certificate. |
d3b95700998e47afc4d95f886579**** |
| SerialNumber |
string |
The serial number of the certificate. |
62b2b943a32d96883a6650e672ea0276**** |
| SubjectDN |
string |
The subject Distinguished Name (DN) of the certificate. This value is composed of the following fields:
|
C=CN,O=Aliyun,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun |
| CommonName |
string |
The common name of the certificate. |
aliyun.com |
| OrganizationUnit |
string |
The organizational unit of the certificate subject. |
Security |
| Organization |
string |
The organization associated with the certificate of the issuing subordinate CA. |
Aliyun |
| Locality |
string |
The city where the subject organization is located. |
Hangzhou |
| State |
string |
The state or province where the subject organization is located. |
Zhejiang |
| CountryCode |
string |
The country code of the subject organization. For more information about country codes, see the International codes section in Manage company profiles. |
CN |
| Sans |
string |
The Subject Alternative Name (SAN) extension of the certificate. The SAN extension indicates other domain names or IP addresses that are associated with the certificate. This parameter is a string that is converted from a JSON array. Each element in the JSON array is a struct that corresponds to a SAN extension. Each SAN extension struct contains the following parameters:
|
[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ] |
| Status |
string |
The status of the certificate. Valid values:
|
ISSUE |
| BeforeDate |
integer |
The issuance date of the certificate. This value is a UNIX timestamp. Unit: milliseconds. |
1634283958000 |
| AfterDate |
integer |
The expiration date of the certificate. This value is a UNIX timestamp. Unit: milliseconds. |
1665819958000 |
| Algorithm |
string |
The type of the encryption algorithm. Valid values:
|
RSA |
| KeySize |
integer |
The key length of the certificate. |
4096 |
| SignAlgorithm |
string |
The signature algorithm of the certificate. |
SHA256WITHRSA |
| CertificateType |
string |
The type of the certificate. Valid values:
|
SERVER |
| ParentIdentifier |
string |
The unique identifier of the subordinate CA certificate that issued the certificate. |
160ae6bb538d538c70c01f81dcf2**** |
| Sha2 |
string |
The SHA-256 fingerprint of the certificate. |
14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9**** |
| Md5 |
string |
The MD5 fingerprint of the certificate. |
d3b95700998e47afc4d95f886579**** |
| Days |
integer |
The validity period of the certificate. Unit: days. |
365 |
| ResourceGroupId |
string |
The ID of the resource group to which the certificate belongs. |
rg-acfmxllajdpw3fi |
| CertChain |
string |
The complete certificate chain. |
-----BEGIN CERTIFICATE----- cert -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- subCA -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- rootCA -----END CERTIFICATE----- |
| CustomIdentifier |
string |
The custom identifier, which is a unique key. |
***3a32d96883a6650e672ea0276**** |
| UploadFlag |
integer |
Indicates whether the certificate is synchronized to Digital Certificate Management Service. |
1 |
| FullAlgorithm |
string |
The algorithm and its length. |
RSA_2048 |
| AliasName |
string |
The alias of the issued certificate. |
rsa_root_2048 |
| Id |
integer |
The ID of the data source to which the certificate order belongs. |
1137354 |
| Tags |
array<object> |
The list of tags. |
mtls |
|
object |
The tag value. |
||
| TagKey |
string |
The tag key. |
testKey |
| TagValue |
string |
The tag value. |
[{\"tag\":\"PROPERTY_TYPE\",\"values\":[]}] |
| RequestId |
string |
The ID of the request. |
15C66C7B-671A-4297-9187-2C4477247A74 |
Examples
Success response
JSON format
{
"Certificate": {
"X509Certificate": "-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----",
"Identifier": "d3b95700998e47afc4d95f886579****",
"SerialNumber": "62b2b943a32d96883a6650e672ea0276****",
"SubjectDN": "C=CN,O=Aliyun,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun",
"CommonName": "aliyun.com",
"OrganizationUnit": "Security",
"Organization": "Aliyun",
"Locality": "Hangzhou",
"State": "Zhejiang",
"CountryCode": "CN",
"Sans": "[ {\"Type\": 7, \"Value\": \"192.0.XX.XX\"}, {\"Type\": 2, \"Value\": \"www.aliyundoc.com\"}, ]",
"Status": "ISSUE",
"BeforeDate": 1634283958000,
"AfterDate": 1665819958000,
"Algorithm": "RSA",
"KeySize": 4096,
"SignAlgorithm": "SHA256WITHRSA",
"CertificateType": "SERVER",
"ParentIdentifier": "160ae6bb538d538c70c01f81dcf2****",
"Sha2": "14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****",
"Md5": "d3b95700998e47afc4d95f886579****",
"Days": 365,
"ResourceGroupId": "rg-acfmxllajdpw3fi",
"CertChain": "-----BEGIN CERTIFICATE-----\ncert\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nsubCA\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nrootCA\n-----END CERTIFICATE-----",
"CustomIdentifier": "***3a32d96883a6650e672ea0276****",
"UploadFlag": 1,
"FullAlgorithm": "RSA_2048",
"AliasName": "rsa_root_2048",
"Id": 1137354,
"Tags": [
{
"TagKey": "testKey",
"TagValue": "[{\\\"tag\\\":\\\"PROPERTY_TYPE\\\",\\\"values\\\":[]}]"
}
]
},
"RequestId": "15C66C7B-671A-4297-9187-2C4477247A74"
}
Error codes
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.