Data Source: oci_certificates_management_certificate

This data source provides details about a specific Certificate resource in Oracle Cloud Infrastructure Certificates Management service.

Gets details about the specified certificate.

Example Usage

data "oci_certificates_management_certificate" "test_certificate" {
	#Required
	certificate_id = oci_certificates_management_certificate.test_certificate.id
}

Argument Reference

The following arguments are supported:

• certificate_id - (Required) The OCID of the certificate.

Attributes Reference

The following attributes are exported:

• certificate_profile_type - The name of the profile used to create the certificate, which depends on the type of certificate you need.
• certificate_revocation_list_details - The details of the certificate revocation list (CRL).
  • custom_formatted_urls - Optional CRL access points, expressed using a format where the version number of the issuing CA is inserted wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
  • object_storage_config - The details of the Object Storage bucket configured to store the certificate revocation list (CRL).
    • object_storage_bucket_name - The name of the bucket where the CRL is stored.
    • object_storage_namespace - The tenancy of the bucket where the CRL is stored.
    • object_storage_object_name_format - The object name in the bucket where the CRL is stored, expressed using a format where the version number of the issuing CA is inserted as part of the Object Storage object name wherever you include a pair of curly braces. This versioning scheme helps avoid collisions when new CA versions are created. For example, myCrlFileIssuedFromCAVersion{}.crl becomes myCrlFileIssuedFromCAVersion2.crl for CA version 2.
• certificate_rules - A list of rules that control how the certificate is used and managed.
  • advance_renewal_period - A property specifying the period of time, in days, before the certificate’s targeted renewal that the process should occur. Expressed in ISO 8601 format.
  • renewal_interval - A property specifying how often, in days, a certificate should be renewed. Expressed in ISO 8601 format.
  • rule_type - The type of rule.
• compartment_id - The OCID of the compartment where you want to create the certificate.
• config_type - The origin of the certificate.
• current_version - The details of the certificate version. This object does not contain the certificate contents.
  • certificate_id - The OCID of the certificate.
  • issuer_ca_version_number - The version number of the issuing certificate authority (CA).
  • revocation_status - The current revocation status of the entity.
    • revocation_reason - The reason the certificate or certificate authority (CA) was revoked.
    • time_of_revocation - The time when the entity was revoked, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
  • serial_number - A unique certificate identifier used in certificate revocation tracking, formatted as octets. Example: 03 AC FC FA CC B3 CB 02 B8 F8 DE F5 85 E7 7B FF
  • stages - A list of rotation states for this certificate version.
  • subject_alternative_names - A list of subject alternative names.
    • type - The subject alternative name type. Currently only DNS domain or host names and IP addresses are supported.
    • value - The subject alternative name.
  • time_created - A optional property indicating the time when the certificate version was created, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
  • time_of_deletion - An optional property indicating when to delete the certificate version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
  • validity - An object that describes a period of time during which an entity is valid. If this is not provided when you create a certificate, the validity of the issuing CA is used.
    • time_of_validity_not_after - The date on which the certificate validity period ends, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
    • time_of_validity_not_before - The date on which the certificate validity period begins, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
  • version_name - The name of the certificate version. When the value is not null, a name is unique across versions of a given certificate.
  • version_number - The version number of the certificate.
• defined_tags - Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
• description - A brief description of the certificate. Avoid entering confidential information.
• freeform_tags - Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
• id - The OCID of the certificate.
• issuer_certificate_authority_id - The OCID of the certificate authority (CA) that issued the certificate.
• key_algorithm - The algorithm used to create key pairs.
• lifecycle_details - Additional information about the current lifecycle state of the certificate.
• name - A user-friendly name for the certificate. Names are unique within a compartment. Avoid entering confidential information. Valid characters are uppercase or lowercase letters, numbers, hyphens, underscores, and periods.
• signature_algorithm - The algorithm used to sign the public key certificate.
• state - The current lifecycle state of the certificate.
• subject - The subject of the certificate, which is a distinguished name that identifies the entity that owns the public key in the certificate.
  • common_name - Common name or fully-qualified domain name (RDN CN).
  • country - Country name (RDN C).
  • distinguished_name_qualifier - Distinguished name qualifier(RDN DNQ).
  • domain_component - Domain component (RDN DC).
  • generation_qualifier - Personal generational qualifier (for example, Sr., Jr. 3rd, or IV).
  • given_name - Personal given name (RDN G or GN).
  • initials - Personal initials.
  • locality_name - Locality (RDN L).
  • organization - Organization (RDN O).
  • organizational_unit - Organizational unit (RDN OU).
  • pseudonym - Subject pseudonym.
  • serial_number - Unique subject identifier, which is not the same as the certificate serial number (RDN SERIALNUMBER).
  • state_or_province_name - State or province name (RDN ST or S).
  • street - Street address (RDN STREET).
  • surname - Personal surname (RDN SN).
  • title - Title (RDN T or TITLE).
  • user_id - User ID (RDN UID).
• time_created - A property indicating when the certificate was created, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z
• time_of_deletion - An optional property indicating when to delete the certificate version, expressed in RFC 3339 timestamp format. Example: 2019-04-03T21:10:29.600Z