diff options
Diffstat (limited to 'data/zh_cn/cas/2020-06-30/api-docs.php')
| -rw-r--r-- | data/zh_cn/cas/2020-06-30/api-docs.php | 9540 |
1 files changed, 9540 insertions, 0 deletions
diff --git a/data/zh_cn/cas/2020-06-30/api-docs.php b/data/zh_cn/cas/2020-06-30/api-docs.php new file mode 100644 index 0000000..5baa51e --- /dev/null +++ b/data/zh_cn/cas/2020-06-30/api-docs.php @@ -0,0 +1,9540 @@ +<?php return [ + 'version' => '1.0', + 'info' => [ + 'style' => 'RPC', + 'product' => 'cas', + 'version' => '2020-06-30', + ], + 'directories' => [ + [ + 'children' => [ + 'CreateRootCACertificate', + 'CreateSubCACertificate', + 'CreateExternalCACertificate', + 'GetCAInstanceStatus', + 'DescribeCACertificateCount', + 'DescribeCACertificateList', + 'DescribeCACertificate', + 'UpdateCACertificateStatus', + ], + 'type' => 'directory', + 'title' => '私有CA证书', + 'id' => 35713, + ], + [ + 'children' => [ + 'CreateCustomCertificate', + 'CreateClientCertificate', + 'CreateClientCertificateWithCsr', + 'CreateServerCertificate', + 'CreateServerCertificateWithCsr', + 'CreateRevokeClientCertificate', + 'DeleteClientCertificate', + 'DescribeCertificatePrivateKey', + 'DescribeClientCertificate', + 'DescribeClientCertificateStatus', + 'ListClientCertificate', + 'ListRevokeCertificate', + ], + 'type' => 'directory', + 'title' => '客户端和服务端证书', + 'id' => 35721, + ], + [ + 'children' => [ + 'ListPcaCaCertificate', + 'ListCert', + 'UploadPcaCertToCas', + 'AssignCertificateCount', + 'DescribeClientCertificateForSerialNumber', + 'DescribeClientCertificateStatusForSerialNumber', + 'DescribePcaAndExternalCACertificateList', + 'ListAllEndEntityInstance', + 'ListCACertificateLog', + 'ListTagResources', + 'MoveResourceGroup', + 'TagResources', + 'UntagResources', + 'UpdatePcaCertificate', + ], + 'type' => 'directory', + 'title' => '其他', + 'id' => 124246, + ], + ], + 'components' => [ + 'schemas' => [], + ], + 'apis' => [ + 'AssignCertificateCount' => [ + 'methods' => [ + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '121082', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Id', + 'in' => 'query', + 'schema' => [ + 'description' => '证书所属数据源id。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '33285', + ], + ], + [ + 'name' => 'CertTotalCount', + 'in' => 'query', + 'schema' => [ + 'description' => '证书记录总数。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '5', + ], + ], + ], + 'responses' => [ + 200 => [ + 'headers' => [], + 'schema' => [ + 'title' => 'OpenApiResponse<AssignCertificateCountResult>', + 'description' => 'OpenApiResponse<AssignCertificateCountResult>', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '请求id。', + 'type' => 'string', + 'example' => 'E77C4794-F24F-58CB-9929-F0F0C0EDE7B2', + ], + 'CertCount' => [ + 'description' => '已分配证书数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '2', + ], + 'CurrentYearFreeCertCount' => [ + 'description' => '当前免费证书数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '分配证书数量', + 'summary' => '分配证书使用数量', + 'description' => '本接口用于查询您已创建的CA证书(包括根CA证书、子CA证书)的数量。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:AssignCertificateCount', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E77C4794-F24F-58CB-9929-F0F0C0EDE7B2\\",\\n \\"CertCount\\": 2,\\n \\"CurrentYearFreeCertCount\\": 0\\n}","type":"json"}]', + ], + 'CreateClientCertificate' => [ + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83504', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'SanType', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书支持的扩展信息SAN(Subject Alternative Name)类型。取值:'."\n" + ."\n" + .'- **1**:表示邮箱。'."\n" + .'- **6**:表示统一资源标志符URI(Uniform Resource Identifier)。'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'SanValue', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的具体扩展信息。支持输入多个扩展信息,如果您需要输入多个扩展信息,请用半角逗号(,)将其隔开。', + 'type' => 'string', + 'required' => false, + 'example' => '[email protected]', + ], + ], + [ + 'name' => 'Organization', + 'in' => 'query', + 'schema' => [ + 'description' => '机构名称,默认:Alibaba Inc。', + 'type' => 'string', + 'required' => false, + 'example' => '阿里云', + ], + ], + [ + 'name' => 'OrganizationUnit', + 'in' => 'query', + 'schema' => [ + 'description' => '部门名称,默认:Aliyun CDN。', + 'type' => 'string', + 'required' => false, + 'example' => 'IT', + ], + ], + [ + 'name' => 'Country', + 'in' => 'query', + 'schema' => [ + 'description' => '所属国家,默认:CN。', + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + ], + [ + 'name' => 'CommonName', + 'in' => 'query', + 'schema' => [ + 'description' => '表示证书使用者的名称。客户端认证(ClientAuth)证书使用者一般是自然人、公司、组织或某个应用,建议填写使用者的通用名称。例如,张三、阿里巴巴、阿里云密码平台、天猫精灵等。', + 'type' => 'string', + 'required' => false, + 'example' => 'aliyun', + ], + ], + [ + 'name' => 'State', + 'in' => 'query', + 'schema' => [ + 'description' => '<props="china">设置证书组织机构所在省份、直辖市或自治区的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">设置证书组织机构所在省份或州的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份或州的名称。</props>'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Zhejiang', + ], + ], + [ + 'name' => 'Locality', + 'in' => 'query', + 'schema' => [ + 'description' => '设置证书组织机构所在城市的名称。支持使用中文、英文字符等。'."\n" + .'默认为签发该证书的子CA证书的组织机构所在城市的名称。', + 'type' => 'string', + 'required' => false, + 'example' => '杭州市', + ], + ], + [ + 'name' => 'Algorithm', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的密钥算法。密钥算法使用`<加密算法>_<密钥长度>`格式表示。取值:'."\n" + ."\n" + .'- **RSA_1024**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_2048**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_4096**:对应签名算法为Sha256WithRSA。'."\n" + .'- **ECC_256**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_384**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_512**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **SM2_256**:对应签名算法为SM3WithSM2。'."\n" + ."\n" + .'客户端证书的加密算法必须与子CA证书一致,密钥长度可以不一致。例如:子CA证书的密钥算法为RSA_2048,则客户端证书的密钥算法必须是RSA_1024、RSA_2048、RSA_4096中的一种。'."\n" + ."\n" + .'>您可以调用[DescribeCACertificate](~~465954~~)查询子CA证书的密钥算法。', + 'type' => 'string', + 'required' => false, + 'example' => 'RSA_2048', + ], + ], + [ + 'name' => 'ParentIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '签发该证书的子CA证书的唯一识别码。'."\n" + .'>您可以调用[DescribeCACertificateList]查询子CA证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '273ae6bb538d538c70c01f81jh2****', + 'docRequired' => true, + ], + ], + [ + 'name' => 'Years', + 'in' => 'query', + 'schema' => [ + 'description' => '购买证书的时长。单位:年。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '5', + ], + ], + [ + 'name' => 'Months', + 'in' => 'query', + 'schema' => [ + 'description' => '购买证书的时长。单位:月。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Days', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的有效期。单位:天。'."\n" + .'**Days**、**BeforeTime**、**AfterTime**参数不能同时为空,并且**BeforeTime**、**AfterTime**参数必须同时为空或者同时设置。该参数具体设置说明如下:'."\n" + ."\n" + .'- 当设置**Days**参数时,您可以选择同时设置**BeforeTime**、**AfterTime**参数或者不设置**BeforeTime**、**AfterTime**参数。'."\n" + .'- 当不设置**Days**参数时,您必须设置**BeforeTime**、**AfterTime**参数。'."\n" + ."\n" + .'>- 当您同时设置**Days**、**BeforeTime**、**AfterTime**参数时,客户端证书的有效期以**Days**参数的值为准。'."\n" + .'- 客户端证书的有效期不能超过子CA证书的有效期。您可以调用[DescribeCACertificate](~~465954~~)查看子CA证书的有效期。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '365', + ], + ], + [ + 'name' => 'BeforeTime', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的签发时间,使用时间戳格式,默认为您调用该接口的时间。单位:秒。'."\n" + ."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1634283958', + ], + ], + [ + 'name' => 'AfterTime', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的服务到期时间,使用时间戳格式。单位:秒。'."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1665819958', + ], + ], + [ + 'name' => 'Immediately', + 'in' => 'query', + 'schema' => [ + 'description' => '立即返回数字证书。'."\n" + .'- **0**,不返回。默认值。'."\n" + .'- **1**,返回证书。'."\n" + .'- **2**, 返回证书及其证书链 。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'EnableCrl', + 'in' => 'query', + 'schema' => [ + 'description' => '是否包含CRL地址'."\n" + ."\n" + .'0 - 否'."\n" + .'1 - 是', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'account', + ], + 'Value' => [ + 'description' => '标签值。', + 'type' => 'string', + 'required' => false, + 'example' => '1', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源分组ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-aek****wia', + ], + ], + [ + 'name' => 'CustomIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'required' => false, + 'example' => '****6bb538d538c70c01f81jh2****', + ], + ], + [ + 'name' => 'AliasName', + 'in' => 'query', + 'schema' => [ + 'description' => '设置签发证书的名称。', + 'type' => 'string', + 'required' => false, + 'example' => 'cert-name', + ], + ], + [ + 'name' => 'ClientToken', + 'in' => 'formData', + 'schema' => [ + 'description' => '用于保证请求的幂等性。由客户端生成该参数值,要保证在不同请求间唯一,最大值不超过64个ASCII字符,且该参数值中不能包含非ASCII字符。', + 'type' => 'string', + 'required' => false, + 'example' => 'XXX', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'description' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'type' => 'object', + 'properties' => [ + 'X509Certificate' => [ + 'description' => '客户端证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----', + ], + 'CertificateChain' => [ + 'description' => 'CA证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n', + ], + 'Identifier' => [ + 'description' => '客户端证书的唯一识别码。', + 'type' => 'string', + 'example' => '190ae6bb538d538c70c01f81dcf2****', + ], + 'SerialNumber' => [ + 'description' => '证书序列号。', + 'type' => 'string', + 'example' => '084bde9cd233f0ddae33adc438cfbbbd****', + ], + 'RequestId' => [ + 'description' => '本次调用请求的ID,是由阿里云为该请求生成的唯一标识符,可用于排查和定位问题。', + 'type' => 'string', + 'example' => '8C467B38-3910-447D-87BC-AC049166F216', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '基于系统自动生成的CSR签发单个客户端证书', + 'summary' => '基于系统自动生成的CSR签发单个客户端证书', + 'description' => '调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书,并且调用[CreateSubCACertificate](~~465959~~)创建了子CA证书。只有子CA证书才能签发客户端证书。'."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateClientCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n\\",\\n \\"Identifier\\": \\"190ae6bb538d538c70c01f81dcf2****\\",\\n \\"SerialNumber\\": \\"084bde9cd233f0ddae33adc438cfbbbd****\\",\\n \\"RequestId\\": \\"8C467B38-3910-447D-87BC-AC049166F216\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateClientCertificateResponse>\\n <Identifier>190ae6bb538d538c70c01f81dcf2****</Identifier>\\n <RootX509Certificate>-----BEGIN CERTIFICATE-----\\\\n......\\\\n-----END CERTIFICATE-----</RootX509Certificate>\\n <ParentX509Certificate>-----BEGIN CERTIFICATE-----\\\\n......\\\\n-----END CERTIFICATE-----</ParentX509Certificate>\\n <RequestId>8C467B38-3910-447D-87BC-AC049166F216</RequestId>\\n <X509Certificate>-----BEGIN CERTIFICATE-----\\\\n......\\\\n-----END CERTIFICATE-----</X509Certificate>\\n <CertificateChain>-----BEGIN CERTIFICATE-----\\\\n......\\\\n-----END CERTIFICATE-----\\\\n-----BEGIN CERTIFICATE-----\\\\n......\\\\n-----END CERTIFICATE-----\\\\n</CertificateChain>\\n</CreateClientCertificateResponse>","errorExample":""}]', + ], + 'CreateClientCertificateWithCsr' => [ + 'summary' => '基于自定义的CSR签发单个客户端证书', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83505', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Csr', + 'in' => 'query', + 'schema' => [ + 'description' => 'CSR内容。您可以通过OpenSSL工具或者Keytool工具生成CSR。更多信息,请参见[如何制作CSR文件](~~42218~~)。'."\n" + .'<props="china">您也可以通过SSL证书控制台创建CSR。更多信息,请参见[创建CSR](~~313297~~)。</props>'."\n", + 'type' => 'string', + 'required' => false, + 'example' => '-----BEGIN CERTIFICATE REQUEST----- ...... -----END CERTIFICATE REQUEST-----', + ], + ], + [ + 'name' => 'SanType', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的扩展信息SAN(Subject Alternative Name)的类型。取值:'."\n" + ."\n" + .'- **1**:表示邮箱。'."\n" + .'- **6**:表示统一资源标志符URI(Uniform Resource Identifier)。'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'SanValue', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的具体扩展信息。支持输入多个扩展信息,如果您需要输入多个扩展信息,请用半角逗号(,)将其隔开。', + 'type' => 'string', + 'required' => false, + 'example' => '[email protected]', + ], + ], + [ + 'name' => 'Organization', + 'in' => 'query', + 'schema' => [ + 'description' => '机构名称,默认:Alibaba Inc。', + 'type' => 'string', + 'required' => false, + 'example' => '阿里云计算有限公司', + ], + ], + [ + 'name' => 'OrganizationUnit', + 'in' => 'query', + 'schema' => [ + 'description' => '部门名称,默认:Aliyun CDN。', + 'type' => 'string', + 'required' => false, + 'example' => 'Security', + ], + ], + [ + 'name' => 'Country', + 'in' => 'query', + 'schema' => [ + 'description' => '国家代码,例如**CN**、**US**。', + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + ], + [ + 'name' => 'CommonName', + 'in' => 'query', + 'schema' => [ + 'description' => '设置证书的公用名。支持使用中文、英文字符等。'."\n" + .'>如果您设置了**CsrPemString**参数,则**CommonName**参数取值以**CsrPemString**参数中的对应信息为准。', + 'type' => 'string', + 'required' => false, + 'example' => 'aliyundoc.com', + ], + ], + [ + 'name' => 'State', + 'in' => 'query', + 'schema' => [ + 'description' => '<props="china">设置证书组织机构所在省份、直辖市或自治区的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">设置证书组织机构所在省份或州的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份或州的名称。</props>'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Zhejiang', + ], + ], + [ + 'name' => 'Locality', + 'in' => 'query', + 'schema' => [ + 'description' => '设置证书组织机构所在城市的名称。支持使用中文、英文字符等。'."\n" + .'默认为签发该证书的子CA证书的组织机构所在城市的名称。', + 'type' => 'string', + 'required' => false, + 'example' => 'Hangzhou', + ], + ], + [ + 'name' => 'Algorithm', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的密钥算法。密钥算法使用`<加密算法>_<密钥长度>`格式表示。取值:'."\n" + ."\n" + .'- **RSA_1024**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_2048**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_4096**:对应签名算法为Sha256WithRSA。'."\n" + .'- **ECC_256**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_384**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_512**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **SM2_256**:对应签名算法为SM3WithSM2。'."\n" + ."\n" + .'客户端证书的加密算法必须与子CA证书一致,密钥长度可以不一致。例如:子CA证书的密钥算法为RSA_2048,则客户端证书的密钥算法必须是RSA_1024、RSA_2048、RSA_4096中的一种。'."\n" + ."\n" + .'>您可以调用[DescribeCACertificate](~~465954~~)查询子CA证书的密钥算法。', + 'type' => 'string', + 'required' => false, + 'example' => 'RSA_2048', + ], + ], + [ + 'name' => 'ParentIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '签发该证书的子CA证书的唯一识别码。'."\n" + .'>您可以调用[DescribeCACertificateList](~~465957~~)查询子CA证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '270ae6bb538d538c70c01f81fg3****', + ], + ], + [ + 'name' => 'Years', + 'in' => 'query', + 'schema' => [ + 'description' => '证书有效期。单位:年。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Months', + 'in' => 'query', + 'schema' => [ + 'description' => '证书有效期。单位:月。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '12', + ], + ], + [ + 'name' => 'Days', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的有效期。单位:天。'."\n" + .'**Days**、**BeforeTime**、**AfterTime**参数不能同时为空,同时**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。该参数具体设置说明如下:'."\n" + ."\n" + .'- 当设置**Days**参数时,您可以选择同时设置**BeforeTime**和**AfterTime**参数或者不设置**BeforeTime**和**AfterTime**参数。'."\n" + .'- 当不设置**Days**参数时,您必须设置**BeforeTime**和**AfterTime**参数。'."\n" + ."\n" + .'>- 当您同时设置**Days**、**BeforeTime**、**AfterTime**参数时,客户端证书的有效期以**Days**参数的值为准。'."\n" + .'- 客户端证书的有效期不能超过子CA证书的有效期。您可以调用[DescribeCACertificate](~~465954~~)查看子CA证书的有效期。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '365', + ], + ], + [ + 'name' => 'BeforeTime', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的签发时间,使用时间戳格式,默认为您调用该接口的时间。单位:秒。'."\n" + ."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1634283958', + ], + ], + [ + 'name' => 'AfterTime', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端证书的服务到期时间,使用时间戳格式。单位:秒。'."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1665819958', + ], + ], + [ + 'name' => 'Immediately', + 'in' => 'query', + 'schema' => [ + 'description' => '立即返回数字证书。'."\n" + .'- **0**,不返回。默认值。'."\n" + .'- **1**,返回证书。'."\n" + .'- **2**, 返回证书及其证书链 。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'EnableCrl', + 'in' => 'query', + 'schema' => [ + 'description' => '是否包含CRL地址'."\n" + ."\n" + .'0 - 否 '."\n" + ."\n" + .'1 - 是', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'database', + ], + 'Value' => [ + 'description' => '标签的值(value)。', + 'type' => 'string', + 'required' => false, + 'example' => '1', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '证书所属资源组的ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-ae******4wia', + ], + ], + [ + 'name' => 'CustomIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'required' => false, + 'example' => '***e6bb538d538c70c01f81fg3****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'description' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'type' => 'object', + 'properties' => [ + 'X509Certificate' => [ + 'description' => '客户端证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----', + ], + 'CertificateChain' => [ + 'description' => 'CA证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n', + ], + 'Identifier' => [ + 'description' => '客户端证书的唯一识别码。', + 'type' => 'string', + 'example' => '200ae6bb538d538c70c01f81dcf2****', + ], + 'SerialNumber' => [ + 'description' => '证书序列号。', + 'type' => 'string', + 'example' => '084bde9cd233f0ddae33adc438cfbbbd****', + ], + 'RequestId' => [ + 'description' => '本次调用请求的ID,是由阿里云为该请求生成的唯一标识符,可用于排查和定位问题。', + 'type' => 'string', + 'example' => '31C66C7B-671A-4297-9187-2C4477247A74', + ], + 'CertSignBufKmc' => [ + 'description' => '加密证书内容。', + 'type' => 'string', + 'example' => 'MIIDYDCCAwWgAwIBAgIU'."\n" + .'***'."\n" + .'TmTk0CS3WNweqsjMEETyxd2pzU6DA', + ], + 'CertKmcRep1' => [ + 'description' => '加密证书密文。', + 'type' => 'string', + 'example' => 'userSeal=MHkCIEu94PQAahFWuFk%'."\n" + .'***'."\n" + .'EtFw%2FkMMBjw8i5bFfSkV%2FIUrcOJD', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n\\",\\n \\"Identifier\\": \\"200ae6bb538d538c70c01f81dcf2****\\",\\n \\"SerialNumber\\": \\"084bde9cd233f0ddae33adc438cfbbbd****\\",\\n \\"RequestId\\": \\"31C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"CertSignBufKmc\\": \\"MIIDYDCCAwWgAwIBAgIU\\\\n***\\\\nTmTk0CS3WNweqsjMEETyxd2pzU6DA\\",\\n \\"CertKmcRep1\\": \\"userSeal=MHkCIEu94PQAahFWuFk%\\\\n***\\\\nEtFw%2FkMMBjw8i5bFfSkV%2FIUrcOJD\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateClientCertificateWithCsrResponse>\\n <Identifier>200ae6bb538d538c70c01f81dcf2****</Identifier>\\n <RootX509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </RootX509Certificate>\\n <ParentX509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </ParentX509Certificate>\\n <RequestId>31C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <X509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </X509Certificate>\\n <CertificateChain>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n -----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </CertificateChain>\\n</CreateClientCertificateWithCsrResponse>","errorExample":""}]', + 'title' => '基于自定义的CSR签发单个客户端证书', + 'description' => '调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书,并且调用[CreateSubCACertificate](~~465959~~)创建了子CA证书。只有子CA证书才能签发客户端证书。'."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateClientCertificateWithCsr', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateClientCertificateWithCsr', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateCustomCertificate' => [ + 'summary' => '使用指定的证书主体名称、证书主题别名、密钥用法、扩展密钥用法颁发数字证书', + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '171944', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'ParentIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => 'CA证书识别码。', + 'type' => 'string', + 'required' => true, + 'example' => '1ed4068c-6f1b-6deb-8e32-3f8439a851cb', + ], + ], + [ + 'name' => 'Csr', + 'in' => 'query', + 'schema' => [ + 'description' => 'CSR内容。您可以通过OpenSSL工具或者Keytool工具生成CSR。更多信息,请参见[如何制作CSR文件](~~42218~~)。', + 'type' => 'string', + 'required' => true, + 'example' => '-----BEGIN CERTIFICATE REQUEST-----'."\n" + .'MIIBczCCARgCAQAwgYoxFDASBgNVBAMMC2FsaXl1bi50ZXN0MQ0wCwYDVQQ'."\n" + .'...'."\n" + .'...'."\n" + .'...'."\n" + .'vbIgMQIhAKHDWD6/WAMbtezAt4bysJ/BZIDz1jPWuUR5GV4TJ/mS'."\n" + .'-----END CERTIFICATE REQUEST-----', + ], + ], + [ + 'name' => 'Validity', + 'in' => 'query', + 'schema' => [ + 'description' => '证书有效期。不可超过实例有效期。支持使用相对时间和绝对时间。'."\n" + ."\n" + .'相对时间:支持单位年、月、日。'."\n" + ."\n" + .'- 年 - y'."\n" + .'- 月 - m'."\n" + .'- 日 - d'."\n" + ."\n" + .'绝对时间:使用GMT时间。格式:`yyyy-MM-dd\'T\'HH:mm:ss\'Z\'`'."\n" + ."\n" + .'- 指定结束时间 - $NotAfter'."\n" + .'- 指定开始时间和结束时间 - $NotBefore/$NotAfter', + 'type' => 'string', + 'required' => true, + 'example' => '相对时间:'."\n" + .'● 1y'."\n" + .'● 3m'."\n" + .'● 7d'."\n" + ."\n" + .'绝对时间:'."\n" + .'● 2006-01-02T15:04:05Z'."\n" + .'● 2006-01-02T15:04:05Z/2023-03-09T17:48:13Z', + ], + ], + [ + 'name' => 'ApiPassthrough', + 'in' => 'query', + 'style' => 'flat', + 'schema' => [ + 'description' => '透传参数。', + 'type' => 'object', + 'properties' => [ + 'Subject' => [ + 'description' => '证书主体名称。', + 'type' => 'object', + 'properties' => [ + 'Country' => [ + 'description' => '国家代码。使用ISO 3166-1的二位国家代码。参考[ISO](https://www.iso.org/obp/ui/#search/code/)。', + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + 'State' => [ + 'description' => '<props="china">CA证书关联的组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">CA证书关联的组织机构所在省份或州的名称。</props>', + 'type' => 'string', + 'required' => false, + 'example' => '浙江省', + ], + 'Locality' => [ + 'description' => '组织机构所在城市的名称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => false, + 'example' => '杭州市', + ], + 'Organization' => [ + 'description' => '组织机构名称。', + 'type' => 'string', + 'required' => false, + 'example' => 'XXX公司', + ], + 'OrganizationUnit' => [ + 'description' => '组织机构下部门或分支的名称。', + 'type' => 'string', + 'required' => false, + 'example' => 'XXX部门', + ], + 'CommonName' => [ + 'description' => '证书使用者的通用名称。', + 'type' => 'string', + 'required' => false, + 'example' => '张三', + ], + 'CustomAttributes' => [ + 'description' => '自定义证书的Subject属性。', + 'type' => 'array', + 'items' => [ + 'description' => '自定义证书的Subject属性。', + 'type' => 'object', + 'properties' => [ + 'ObjectIdentifier' => [ + 'description' => '自定义属性键值,需符合行业标准。如:'."\n" + ."\n" + .'- 2.5.4.6:国家代码'."\n" + .'- 2.5.4.10:组织'."\n" + .'- 2.5.4.11:组织单位名称'."\n" + .'- 2.5.4.12:职位'."\n" + .'- 2.5.4.3:通用名称'."\n" + .'- 2.5.4.9:街道'."\n" + .'- 2.5.4.5:序列号名称'."\n" + .'- 2.5.4.7:地区'."\n" + .'- 2.5.4.8:省市'."\n" + .'- 1.3.6.1.4.1.37244.1.1:Matter证书 - 节点ID'."\n" + .'- 1.3.6.1.4.1.37244.1.5:Matter证书 - 结构ID'."\n" + .'- 1.3.6.1.4.1.37244.2.1:Matter证书供应商ID (VID)'."\n" + .'- 1.3.6.1.4.1.37244.2.2:Matter证书产品ID (PID)', + 'type' => 'string', + 'required' => false, + 'example' => '2.5.4.3', + ], + 'Value' => [ + 'description' => '自定义属性属性值。', + 'type' => 'string', + 'required' => false, + 'example' => 'Aliyun', + ], + ], + 'required' => false, + ], + 'required' => false, + ], + ], + 'required' => false, + ], + 'Extensions' => [ + 'description' => '证书扩展项。', + 'type' => 'object', + 'properties' => [ + 'KeyUsage' => [ + 'description' => '密钥用法。', + 'type' => 'object', + 'properties' => [ + 'DigitalSignature' => [ + 'description' => '数字签名。允许使用证书私钥进行数字签名,允许使用证书公钥验证数字签名。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'true', + ], + 'ContentCommitment' => [ + 'description' => '内容承诺。原名称NonRepudiation。允许证书密钥用于内容承诺。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + 'NonRepudiation' => [ + 'description' => '抗抵赖。X.509标准中已更名为ContentCommitment。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + 'KeyEncipherment' => [ + 'description' => '密钥加密。允许证书密钥加密保护其他密钥。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + 'DataEncipherment' => [ + 'description' => '数据加密。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + 'KeyAgreement' => [ + 'description' => '密钥协商。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + 'EncipherOnly' => [ + 'description' => '在KeyAgreement为true时,用于标记该证书密钥只能用于加密。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + 'DecipherOnly' => [ + 'description' => '在KeyAgreement为true时,用于标记该证书密钥只能用于解密。', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + ], + 'required' => false, + ], + 'ExtendedKeyUsages' => [ + 'description' => '扩展密钥用法。', + 'type' => 'array', + 'items' => [ + 'description' => '允许使用以下值:'."\n" + ."\n" + .'- any - 不限制'."\n" + .'- serverAuth - 服务器认证'."\n" + .'- clientAuth - 客户端认证'."\n" + .'- codeSigning - 代码签名'."\n" + .'- emailProtection - 邮件保护'."\n" + .'- timeStamping - 时间戳'."\n" + .'- OCSPSigning - OCSP签名'."\n" + .'- 其他扩展密钥用法OID', + 'type' => 'string', + 'required' => false, + 'example' => '1.3.6.1.4.1.311.20.2.2', + ], + 'required' => false, + ], + 'SubjectAlternativeNames' => [ + 'description' => '证书主体别名。', + 'type' => 'array', + 'items' => [ + 'description' => '证书主体别名。', + 'type' => 'object', + 'properties' => [ + 'Type' => [ + 'title' => 'otherName, rfc822Name, dNSName, x400Address, directoryName, ediPartyName, uniformResourceIdentifier, iPAddress, registeredID', + 'description' => '允许使用以下值:'."\n" + ."\n" + .'- rfc822Name - Email地址'."\n" + .'- dNSName - 域名'."\n" + .'- uniformResourceIdentifier - 统一资源标识符(URI)'."\n" + .'- iPAddress - IP地址', + 'type' => 'string', + 'required' => true, + 'example' => 'dNSName', + ], + 'Value' => [ + 'description' => '符合Type定义的值。', + 'type' => 'string', + 'required' => false, + 'example' => 'rfc822Name:'."\n" + .'example.aliyundoc.com'."\n" + ."\n" + .'dNSName:'."\n" + .'learn.aliyundoc.com'."\n" + ."\n" + .'uniformResourceIdentifier:'."\n" + .'acs:ecs:regionid:15619224785*****:instance/i-bp1bzvz55uz27hf*****'."\n" + ."\n" + .'iPAddress:'."\n" + .'127.0.0.1', + ], + ], + 'required' => false, + ], + 'required' => false, + ], + 'Criticals' => [ + 'description' => '如果是必要参数,则criticals列表中包含参数名。', + 'type' => 'array', + 'items' => [ + 'description' => '必要参数的参数名,如ExtendedKeyUsages。', + 'type' => 'string', + 'required' => false, + 'example' => 'ExtendedKeyUsages', + ], + 'required' => false, + ], + ], + 'required' => false, + ], + 'SerialNumber' => [ + 'description' => '自定义证书的序列号(必须是长整型)。', + 'type' => 'string', + 'required' => false, + 'example' => '16889526086333', + ], + ], + 'required' => false, + ], + ], + [ + 'name' => 'Immediately', + 'in' => 'query', + 'schema' => [ + 'description' => '立即获取证书。'."\n" + ."\n" + .'- 0 - 异步颁发证书。'."\n" + .'- 1 - 立即颁发证书。'."\n" + .'- 2 - 立即颁发证书并返回CA证书链。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '0', + ], + ], + [ + 'name' => 'EnableCrl', + 'in' => 'query', + 'schema' => [ + 'description' => '是否包含CRL地址'."\n" + ."\n" + .'- 0 - 否'."\n" + .'- 1 - 是', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'testKey', + ], + 'Value' => [ + 'description' => '标签值。', + 'type' => 'string', + 'required' => false, + 'example' => '1', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源组ID。此ID可通过调用[ListResources](~~2716559~~)接口获取。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-aek****wia', + ], + ], + [ + 'name' => 'customIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '用户自定义标识。', + 'type' => 'string', + 'required' => false, + 'example' => 'XXX068c-6f1b-6deb-8e32-3f8439a8XXX', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'OpenApiResponseV1<EnrollCertificateResultV2>', + 'description' => 'OpenApiResponseV1<EnrollCertificateResultV2>', + 'type' => 'object', + 'properties' => [ + 'Identifier' => [ + 'description' => '证书唯一标识。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'Certificate' => [ + 'description' => '证书内容。'."\n" + .'Immediately为1或2时返回。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/'."\n" + .'...'."\n" + .'...'."\n" + .'...'."\n" + .'KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg=='."\n" + .'-----END CERTIFICATE-----', + ], + 'CertificateChain' => [ + 'description' => 'CA证书链。'."\n" + .'Immediately为2时返回。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'MIIBfzCCATGgAwIBAgIUfI5kSdcO2S0+LkpdL3b2VUJG10YwBQYDK2VwMDUxCzAJ'."\n" + .'...'."\n" + .'...'."\n" + .'...'."\n" + .'ZYYG'."\n" + .'-----END CERTIFICATE-----'."\n" + .'-----BEGIN CERTIFICATE-----'."\n" + .'MIIBczCCARgCAQAwgYoxFDASBgNVBAMMC2FsaXl1bi50ZXN0MQ0wCwYDVQQ'."\n" + .'...'."\n" + .'...'."\n" + .'...'."\n" + .'KL5cUmF'."\n" + .'-----END CERTIFICATE-----', + ], + 'SerialNumber' => [ + 'description' => '证书序列号。'."\n" + .'Immediately为1或2时返回。', + 'type' => 'string', + 'example' => '084bde9cd233f0ddae33adc438cfbbbd****', + ], + 'RequestId' => [ + 'description' => '本次调用请求的ID,是由阿里云为该请求生成的唯一标识符,可用于排查和定位问题。', + 'type' => 'string', + 'example' => '12345678-1234-1234-1234-123456789ABC', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Identifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\\\\n...\\\\n...\\\\n...\\\\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\\\\n-----END CERTIFICATE-----\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\nMIIBfzCCATGgAwIBAgIUfI5kSdcO2S0+LkpdL3b2VUJG10YwBQYDK2VwMDUxCzAJ\\\\n...\\\\n...\\\\n...\\\\nZYYG\\\\n-----END CERTIFICATE-----\\\\n-----BEGIN CERTIFICATE-----\\\\nMIIBczCCARgCAQAwgYoxFDASBgNVBAMMC2FsaXl1bi50ZXN0MQ0wCwYDVQQ\\\\n...\\\\n...\\\\n...\\\\nKL5cUmF\\\\n-----END CERTIFICATE-----\\",\\n \\"SerialNumber\\": \\"084bde9cd233f0ddae33adc438cfbbbd****\\",\\n \\"RequestId\\": \\"12345678-1234-1234-1234-123456789ABC\\"\\n}","type":"json"}]', + 'title' => '颁发自定义证书', + 'description' => '默认从CSR中获取证书主体名称颁发证书。当指定了证书主体名称时,CSR中的证书主体名称将失效,即使用指定的证书主体名称颁发证书。'."\n" + ."\n" + .'必须根据应用场景指定密钥用法或扩展密钥用法。以下是常见应用场景的应用示例:'."\n" + ."\n" + .'- 服务端认证证书'."\n" + ."\n" + .'密钥用法:digitalSignature、keyEncipherment'."\n" + ."\n" + .'扩展密钥用法:serverAuth'."\n" + ."\n" + .'- 客户端认证证书'."\n" + ."\n" + .'密钥用法:digitalSignature、keyEncipherment'."\n" + ."\n" + .'扩展密钥用法:clientAuth'."\n" + ."\n" + .'- mTLS双向认证证书'."\n" + ."\n" + .'密钥用法:digitalSignature、keyEncipherment'."\n" + ."\n" + .'扩展密钥用法:serverAuth、clientAuth'."\n" + ."\n" + .'- 邮件签名证书'."\n" + ."\n" + .'密钥用法:digitalSignature、contentCommitment'."\n" + ."\n" + .'扩展密钥用法:emailProtection'."\n" + ."\n" + .'注意:合规CA由第三方权威机构管理,不支持此接口。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateCustomCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateCustomCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateExternalCACertificate' => [ + 'summary' => '基于CSR和API参数创建并颁发外部子CA证书。', + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => [ + 'title' => '上级CA证书标识。', + 'description' => '需要启用的外部子CA实例ID'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'cas_deposit-cn-1234abcd', + ], + ], + [ + 'name' => 'Csr', + 'in' => 'query', + 'schema' => [ + 'title' => '证书签名请求。', + 'description' => '证书签名请求。可包含CA证书的SubjectDN、CA证书自定义扩展项等。SubjectKeyIdentifier、AuthorityKeyIdentifier、CRLDistributionPoints证书扩展项由CA生成,CSR中的值会被忽略。', + 'type' => 'string', + 'required' => false, + 'example' => '-----BEGIN CERTIFICATE REQUEST-----'."\n" + .'MIIBczCCARgCAQAwgYoxFDASBgNVBAMMC2FsaXl1bi50ZXN0MQ0wCwYDVQQ'."\n" + .'...'."\n" + .'vbIgMQIhAKHDWD6/WAMbtezAt4bysJ/BZIDz1jPWuUR5GV4TJ/mS'."\n" + .'-----END CERTIFICATE REQUEST-----'."\n", + ], + ], + [ + 'name' => 'Validity', + 'in' => 'query', + 'schema' => [ + 'title' => '证书有效期。', + 'description' => '证书有效期。支持使用相对时间和绝对时间。'."\n" + ."\n" + .'> 相对时间:支持单位年、月、日。'."\n" + ."\n" + .'- 年 - y'."\n" + .'- 月 - m'."\n" + .'- 日 - d'."\n" + ."\n" + .'> 绝对时间:使用 GMT 时间。格式:`yyyy-MM-dd\'T\'HH:mm:ss\'Z\'`'."\n" + ."\n" + .'- 指定结束时间 - `$NotAfter`'."\n" + .'- 指定开始时间和结束时间 - `$NotBefore/$NotAfter`', + 'type' => 'string', + 'required' => false, + 'example' => '10y', + ], + ], + [ + 'name' => 'ApiPassthrough', + 'in' => 'query', + 'style' => 'json', + 'schema' => [ + 'title' => '通过API参数覆盖CSR内容或添加到CA证书中。', + 'description' => '通过API参数覆盖CSR内容或添加到CA证书中。'."\n", + 'type' => 'object', + 'properties' => [ + 'Subject' => [ + 'title' => 'CA证书主体信息。该值存在时会覆盖CSR中的SubjectDN。', + 'description' => 'CA证书主体信息。该值存在时会覆盖CSR中的SubjectDN。'."\n", + 'type' => 'object', + 'properties' => [ + 'Country' => [ + 'title' => '证书使用者所属国家。使用ISO 3166-1的二位国家代码。参考 https://www.iso.org/obp/ui/#search/code/', + 'description' => '所属国家。使用ISO 3166-1的二位国家代码。'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + 'State' => [ + 'title' => '证书使用者所属省/自治区/直辖市(Zhejiang)', + 'description' => '所属省/自治区/直辖市'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Zhejiang', + ], + 'Locality' => [ + 'title' => '证书使用者所属城市/区域 (hangzhou)', + 'description' => '所属城市/区域'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Hangzhou', + ], + 'Organization' => [ + 'title' => '证书使用者所属组织名称', + 'description' => '所属组织/公司'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Alibaba', + ], + 'OrganizationUnit' => [ + 'title' => '证书使用者所属组织单元名称', + 'description' => '所属组织内部的子单位(部门、团队、项目组或分支机构)'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Cloud Security', + ], + 'CommonName' => [ + 'title' => '证书使用者通用名', + 'description' => '当前CA证书名称'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Testing CA', + ], + ], + 'required' => false, + ], + 'Extensions' => [ + 'title' => 'CA证书扩展。该值存在时会覆盖CSR中的扩展项值,或添加到CA证书扩展项中。', + 'description' => 'CA证书扩展。该值存在时会覆盖CSR中的扩展项值,或添加到CA证书扩展项中。'."\n", + 'type' => 'object', + 'properties' => [ + 'PathLenConstraint' => [ + 'title' => 'CA路径长度限制。', + 'description' => '证书路径长度限制。EndEntity CA 该值必须传0,即当前CA证书用于颁发End Entity证书。'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '0', + ], + 'ExtendedKeyUsages' => [ + 'title' => 'CA扩展密钥用法。用于约束下级证书的扩展密钥用法。', + 'description' => '扩展密钥用法。', + 'type' => 'array', + 'items' => [ + 'description' => '允许使用以下值:'."\n" + ."\n" + .'- any - 不限制'."\n" + .'- serverAuth - 服务器认证'."\n" + .'- clientAuth - 客户端认证'."\n" + .'- codeSigning - 代码签名'."\n" + .'- emailProtection - 邮件保护'."\n" + .'- timeStamping - 时间戳'."\n" + .'- OCSPSigning - OCSP签名'."\n" + .'- 其他扩展密钥用法OID', + 'type' => 'string', + 'required' => false, + 'enumValueTitles' => [ + 'codeSigning' => 'codeSigning', + 'emailProtection' => 'emailProtection', + 'serverAuth' => 'serverAuth', + 'timeStamping' => 'timeStamping', + 'any' => 'any', + 'clientAuth' => 'clientAuth', + 'OCSPSigning' => 'OCSPSigning', + ], + 'example' => 'serverAuth', + ], + 'required' => false, + 'enumValueTitles' => [], + ], + ], + 'required' => false, + ], + ], + 'required' => false, + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'database', + ], + 'Value' => [ + 'description' => '标签值。', + 'type' => 'string', + 'required' => false, + 'example' => '1', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源分组ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'test', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'OpenApiResponse<CreateCaCertificateResult>', + 'description' => 'OpenApiResponse<CreateCaCertificateResult>', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '12345678-1234-1234-1234-123456789ABC', + ], + 'Identifier' => [ + 'description' => '证书唯一标识。'."\n", + 'type' => 'string', + 'example' => '1ed4068c-6f1b-6deb-8e32-3f8439a851cb', + ], + 'Certificate' => [ + 'description' => '证书内容。'."\n", + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/'."\n" + .'...'."\n" + .'...'."\n" + .'...'."\n" + .'KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg=='."\n" + .'-----END CERTIFICATE-----'."\n", + ], + 'CertificateChain' => [ + 'description' => 'CA证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'...'."\n" + .'...'."\n" + .'-----END CERTIFICATE-----'."\n" + .'-----BEGIN CERTIFICATE-----'."\n" + .'...'."\n" + .'...'."\n" + .'-----END CERTIFICATE-----'."\n", + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => '创建外部子CA证书', + 'description' => '## 请求说明'."\n" + .'- 本接口用于根据提供的证书签名请求(CSR)以及可选的API透传参数来创建一个外部子CA证书。'."\n" + .'- `InstanceId` 是必填项,代表需要启用的外部子CA实例ID。'."\n" + .'- `Csr` 字段必须包含有效的证书签名请求内容。'."\n" + .'- `Validity` 参数定义了证书的有效期,支持相对时间和绝对时间格式。'."\n" + .'- 通过`ApiPassthrough`可以覆盖CSR中的部分信息或添加额外的证书扩展项,例如主体信息(Subject)和扩展(Extensions)等。'."\n" + .'- 注意:对于EndEntity CA类型的证书,`pathLenConstraint`应设置为0。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateExternalCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"12345678-1234-1234-1234-123456789ABC\\",\\n \\"Identifier\\": \\"1ed4068c-6f1b-6deb-8e32-3f8439a851cb\\",\\n \\"Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\nMIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/\\\\n...\\\\n...\\\\n...\\\\nKOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==\\\\n-----END CERTIFICATE-----\\\\n\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\n...\\\\n...\\\\n-----END CERTIFICATE-----\\\\n-----BEGIN CERTIFICATE-----\\\\n...\\\\n...\\\\n-----END CERTIFICATE-----\\\\n\\"\\n}","type":"json"}]', + ], + 'CreateRevokeClientCertificate' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83506', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要吊销的客户端证书或服务端证书的唯一识别码。'."\n" + ."\n\n" + .'> 您可以调用[ListClientCertificate](~~465990~~)查询所有客户端与服务端证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'SuccessResponse', + 'description' => 'SuccessResponse', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '吊销证书', + 'summary' => '吊销某个客户端证书或服务端证书。', + 'description' => '客户端证书或服务端证书被吊销后,安装该证书的客户端或服务端将无法与其他设备建立HTTPS连接。'."\n" + ."\n" + .'吊销客户端证书或服务端证书后,您可以调用[DeleteClientCertificate](~~465981~~)将该证书永久删除。'."\n" + ."\n" + .'## QPS限制'."\n" + ."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateRevokeClientCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateRevokeClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","type":"json"}]', + ], + 'CreateRootCACertificate' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83507', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'CommonName', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构的通用名称或简称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Alibaba', + ], + ], + [ + 'name' => 'OrganizationUnit', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构下部门或分支的名称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Security', + ], + ], + [ + 'name' => 'Organization', + 'in' => 'query', + 'schema' => [ + 'description' => '根CA证书关联的组织机构(对应您的企业或单位)的名称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Aliyun', + ], + ], + [ + 'name' => 'Locality', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构所在城市的名称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Hangzhou', + ], + ], + [ + 'name' => 'State', + 'in' => 'query', + 'schema' => [ + 'description' => '<props="china">组织机构所在省份、直辖市或自治区的名称。支持使用中文、英文字符等。</props>'."\n" + .'<props="intl">组织机构所在省份或州的名称。支持使用中文、英文字符等。</props>', + 'type' => 'string', + 'required' => true, + 'example' => 'Zhejiang', + ], + ], + [ + 'name' => 'CountryCode', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构所在国家或地区的代码,使用两位大写英文字母缩写表示。例如,**CN**表示中国,**US**表示美国。'."\n" + ."\n" + .'关于不同国家的代码,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + ], + [ + 'name' => 'Algorithm', + 'in' => 'query', + 'schema' => [ + 'description' => '根CA证书的密钥算法类型。密钥算法使用`<加密算法>_<密钥长度>`格式表示。取值:'."\n" + ."\n" + .'- **RSA_1024**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_2048**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_4096**:对应签名算法为Sha256WithRSA。'."\n" + .'- **ECC_256**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_384**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_512**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **SM2_256**:对应签名算法为SM3WithSM2。'."\n" + ."\n\n" + .'根CA证书的加密算法必须与您购买的私有根CA的**证书算法**一致。示例:如果您购买私有根CA时选择的**证书算法**为**RSA**,则根CA证书的密钥算法必须是**RSA\\_1024**、**RSA\\_2048**或**RSA\\_4096**。', + 'type' => 'string', + 'required' => false, + 'example' => 'RSA_2048', + ], + ], + [ + 'name' => 'Years', + 'in' => 'query', + 'schema' => [ + 'description' => '根CA证书的有效期,单位:年。'."\n" + ."\n" + .'> 建议设置为5~10年。'."\n", + 'type' => 'integer', + 'format' => 'int32', + 'required' => true, + 'example' => '10', + ], + ], + [ + 'name' => 'ClientToken', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端Token,用于保证请求的幂等性。'."\n" + ."\n" + .'从您的客户端生成一个参数值,确保不同请求间该参数值唯一。ClientToken只支持ASCII字符。'."\n" + ."\n" + .'> 若您未指定,则系统自动使用API请求的**RequestId**作为**ClientToken**标识。每次API请求的**RequestId**可能不一样。', + 'type' => 'string', + 'required' => false, + 'example' => '3838B684-3075-582B-9A45-8C99104029DF', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'runtime', + ], + 'Value' => [ + 'description' => '标签值。', + 'type' => 'string', + 'required' => false, + 'example' => '1', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源分组ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-aek****wia', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'OpenApiResponse<CreateCaCertificateResult>', + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次调用请求的ID,是由阿里云为该请求生成的唯一标识符,可用于排查和定位问题。', + 'type' => 'string', + 'example' => '6D9B4C5F-7140-5B41-924C-329181DC00C1', + ], + 'Identifier' => [ + 'description' => '本次请求创建的根CA证书的唯一识别码。', + 'type' => 'string', + 'example' => '1a83bcbb89e562885e40aa0108f5****', + ], + 'Certificate' => [ + 'description' => '本次调用创建的PEM格式根证书。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----', + ], + 'CertificateChain' => [ + 'description' => '本次调用创建的根证书的CA证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '创建根CA证书', + 'summary' => '创建一个根CA证书。', + 'description' => '本接口用于创建一个自签名的根CA证书。根CA证书是企业内部私有证书信任链的起点。只有创建根CA证书后,您才可以使用根CA证书签发子CA证书,然后使用子CA证书签发客户端与服务端证书。'."\n" + ."\n" + .'调用本接口前,您必须已经通过[SSL证书服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买了私有根CA,否则会调用失败。相关操作,请参见[购买私有CA](~~208553~~)。'."\n" + ."\n\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateRootCACertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateRootCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"6D9B4C5F-7140-5B41-924C-329181DC00C1\\",\\n \\"Identifier\\": \\"1a83bcbb89e562885e40aa0108f5****\\",\\n \\"Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateRootCACertificateResponse>\\n <Identifier>1a83bcbb89e562885e40aa0108f5****</Identifier>\\n <RequestId>6D9B4C5F-7140-5B41-924C-329181DC00C1</RequestId>\\n <Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </Certificate>\\n <CertificateChain>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n -----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </CertificateChain>\\n</CreateRootCACertificateResponse>","errorExample":""}]', + ], + 'CreateServerCertificate' => [ + 'summary' => '基于系统自动生成的CSR签发单个服务端证书', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83508', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Domain', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的扩展域名、扩展IP地址。为证书添加扩展信息后,您可以将证书应用到多个域名、IP地址。'."\n" + ."\n" + .'多个域名、IP地址之间需用半角逗号(,)隔开。', + 'type' => 'string', + 'required' => false, + 'example' => 'example.com', + ], + ], + [ + 'name' => 'Organization', + 'in' => 'query', + 'schema' => [ + 'description' => '机构名称,默认:Alibaba Inc。', + 'type' => 'string', + 'required' => false, + 'example' => '阿里云', + ], + ], + [ + 'name' => 'OrganizationUnit', + 'in' => 'query', + 'schema' => [ + 'description' => '部门名称,默认:Aliyun CDN。', + 'type' => 'string', + 'required' => false, + 'example' => 'IT', + ], + ], + [ + 'name' => 'Country', + 'in' => 'query', + 'schema' => [ + 'description' => '国家代码,如CN,US。', + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + ], + [ + 'name' => 'CommonName', + 'in' => 'query', + 'schema' => [ + 'description' => '表示证书使用者的名称。服务端认证(ServerAuth)证书使用者是服务器,建议填写服务器绑定的域名或IP。', + 'type' => 'string', + 'required' => true, + 'example' => 'www.example.com', + ], + ], + [ + 'name' => 'State', + 'in' => 'query', + 'schema' => [ + 'description' => '<props="china">设置证书组织机构所在省份、直辖市或自治区的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">设置证书组织机构所在省份或州的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份或州的名称。</props>'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Zhejiang', + ], + ], + [ + 'name' => 'Locality', + 'in' => 'query', + 'schema' => [ + 'description' => '设置证书组织机构所在城市的名称。支持使用中文、英文字符等。'."\n" + .'默认为签发该证书的子CA证书的组织机构所在城市的名称。', + 'type' => 'string', + 'required' => false, + 'example' => 'Hangzhou', + ], + ], + [ + 'name' => 'Algorithm', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的密钥算法。密钥算法使用`<加密算法>_<密钥长度>`格式表示。取值:'."\n" + ."\n" + .'- **RSA_1024**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_2048**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_4096**:对应签名算法为Sha256WithRSA。'."\n" + .'- **ECC_256**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_384**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_512**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **SM2_256**:对应签名算法为SM3WithSM2。'."\n" + ."\n\n" + .'服务端证书的加密算法必须与子CA证书一致,密钥长度可以不一致。例如:子CA证书的密钥算法为RSA_2048,则服务端证书的密钥算法必须是RSA_1024、RSA_2048、RSA_4096中的一种。'."\n" + ."\n" + .'>您可以调用[DescribeCACertificate](~~465954~~)查询子CA证书的密钥算法。', + 'type' => 'string', + 'required' => true, + 'example' => 'RSA_2048', + ], + ], + [ + 'name' => 'ParentIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '签发该证书的子CA证书的唯一识别码。'."\n" + .'>您可以调用[DescribeCACertificateList](~~465957~~)查询子CA证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => '271ae6bb538d538c70c01f81dg3****', + ], + ], + [ + 'name' => 'Years', + 'in' => 'query', + 'schema' => [ + 'description' => '证书有效期。单位:年。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Months', + 'in' => 'query', + 'schema' => [ + 'description' => '证书有效期。单位:月。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '12', + ], + ], + [ + 'name' => 'Days', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的有效期。单位:天。'."\n" + .'**Days**、**BeforeTime**、**AfterTime**参数不能同时为空,并且**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。该参数具体设置说明如下:'."\n" + ."\n" + .'- 当设置**Days**参数时,您可以选择同时设置**BeforeTime**、**AfterTime**参数或者不设置**BeforeTime**、**AfterTime**参数。'."\n" + ."\n\n" + .'- 当不设置**Days**参数时,您必须设置**BeforeTime**、**AfterTime**参数。'."\n" + ."\n" + .'>- 当您同时设置**Days**、**BeforeTime**、**AfterTime**参数时,服务端证书的有效期以**Days**参数的值为准。'."\n" + .'- 服务端证书的有效期不能超过子CA证书的有效期。您可以调用[DescribeCACertificate](~~465954~~)查看子CA证书的有效期。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '365', + ], + ], + [ + 'name' => 'BeforeTime', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的签发时间,使用时间戳格式,默认为您调用该接口的时间。单位:秒。'."\n" + ."\n" + .'>**BeforeTime**和**AfterTime**参数必须同为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1634283958', + ], + ], + [ + 'name' => 'AfterTime', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的服务到期时间,使用时间戳格式。单位:秒。'."\n" + .'>**BeforeTime**和**AfterTime**参数必须同为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1665819958', + ], + ], + [ + 'name' => 'Immediately', + 'in' => 'query', + 'schema' => [ + 'description' => '立即返回数字证书。'."\n" + .'- **0**,不返回。默认值。'."\n" + .'- **1**,返回证书。'."\n" + .'- **2**, 返回证书及其证书链 。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'EnableCrl', + 'in' => 'query', + 'schema' => [ + 'description' => '是否包含CRL地址'."\n" + ."\n" + .'0 - 否 '."\n" + ."\n" + .'1 - 是', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'account', + ], + 'Value' => [ + 'description' => '标签值。', + 'type' => 'string', + 'required' => false, + 'example' => 'test', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源组ID。此ID可通过调用[ListResources](~~2716559~~)接口获取。', + 'type' => 'string', + 'required' => false, + 'example' => 'test', + ], + ], + [ + 'name' => 'CustomIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'required' => false, + 'example' => '****6bb538d538c70c01f81dg3****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'description' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'type' => 'object', + 'properties' => [ + 'X509Certificate' => [ + 'description' => '服务端证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----', + ], + 'CertificateChain' => [ + 'description' => 'CA证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n', + ], + 'Identifier' => [ + 'description' => '服务端证书的唯一识别码。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'SerialNumber' => [ + 'description' => '证书序列号。', + 'type' => 'string', + 'example' => '084bde9cd233f0ddae33adc438cfbbbd****', + ], + 'RequestId' => [ + 'description' => '本次调用请求的ID,是由阿里云为该请求生成的唯一标识符,可用于排查和定位问题。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n\\",\\n \\"Identifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"SerialNumber\\": \\"084bde9cd233f0ddae33adc438cfbbbd****\\",\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateServerCertificateResponse>\\n <Identifier>160ae6bb538d538c70c01f81dcf2****</Identifier>\\n <RootX509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </RootX509Certificate>\\n <ParentX509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </ParentX509Certificate>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <X509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </X509Certificate>\\n <CertificateChain>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n -----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </CertificateChain>\\n</CreateServerCertificateResponse>","errorExample":""}]', + 'title' => '基于系统自动生成的CSR签发单个服务端证书', + 'description' => '调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书,并且调用[CreateSubCACertificate](~~465975~~)创建了子CA证书。只有子CA证书才能签发服务端证书。'."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateServerCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateServerCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateServerCertificateWithCsr' => [ + 'summary' => '基于自定义的CSR签发单个服务端证书', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83509', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Csr', + 'in' => 'query', + 'schema' => [ + 'description' => 'CSR内容。'."\n" + .'您可以通过OpenSSL工具或者Keytool工具生成CSR。更多信息,请参见[如何制作CSR文件](~~42218~~)。'."\n" + .'<props="china">您也可以通过SSL证书控制台创建CSR。更多信息,请参见[创建CSR](~~313297~~)。</props>'."\n", + 'type' => 'string', + 'required' => true, + 'example' => '-----BEGIN CERTIFICATE REQUEST----- ...... -----END CERTIFICATE REQUEST-----', + ], + ], + [ + 'name' => 'Domain', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的扩展域名或者扩展IP地址。为证书添加扩展信息后,您可以将证书应用到多个域名或者IP地址。'."\n" + ."\n" + .'支持同时输入多个域名和IP地址。如果您需要输入多个扩展信息,请用半角逗号(,)将其隔开。', + 'type' => 'string', + 'required' => false, + 'example' => 'example.com', + ], + ], + [ + 'name' => 'Organization', + 'in' => 'query', + 'schema' => [ + 'description' => '机构名称,默认:Alibaba Inc。', + 'type' => 'string', + 'required' => false, + 'example' => '阿里云', + ], + ], + [ + 'name' => 'OrganizationUnit', + 'in' => 'query', + 'schema' => [ + 'description' => '部门名称,默认:Aliyun CDN。', + 'type' => 'string', + 'required' => false, + 'example' => 'IT', + ], + ], + [ + 'name' => 'Country', + 'in' => 'query', + 'schema' => [ + 'description' => '国家代码,例如**CN**。', + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + ], + [ + 'name' => 'CommonName', + 'in' => 'query', + 'schema' => [ + 'description' => '设置证书的公用名。支持使用中文、英文字符等。'."\n" + .'>如果您设置了**Csr**参数,则**CommonName**参数取值以**Csr**参数中的对应信息为准。', + 'type' => 'string', + 'required' => false, + 'example' => 'mtcsq.com', + ], + ], + [ + 'name' => 'State', + 'in' => 'query', + 'schema' => [ + 'description' => '<props="china">设置证书组织机构所在省份、直辖市或自治区的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">设置证书组织机构所在省份或州的名称。支持使用中文、英文字符等。默认为签发该证书的子CA证书组织机构所在省份或州的名称。</props>'."\n", + 'type' => 'string', + 'required' => false, + 'example' => 'Zhejiang', + ], + ], + [ + 'name' => 'Locality', + 'in' => 'query', + 'schema' => [ + 'description' => '设置证书组织机构所在城市的名称。支持使用中文、英文字符等。'."\n" + .'默认为签发该证书的子CA证书的组织机构所在城市的名称。', + 'type' => 'string', + 'required' => false, + 'example' => 'Hangzhou', + ], + ], + [ + 'name' => 'Algorithm', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的密钥算法。密钥算法使用`<加密算法>_<密钥长度>`格式表示。取值:'."\n" + ."\n" + .'- **RSA_1024**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_2048**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_4096**:对应签名算法为Sha256WithRSA。'."\n" + .'- **ECC_256**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_384**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **ECC_512**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **SM2_256**:对应签名算法为SM3WithSM2。'."\n" + ."\n\n" + .'服务端证书的加密算法必须与子CA证书一致,密钥长度可以不一致。例如:子CA证书的密钥算法为RSA_2048,则服务端证书的密钥算法必须是RSA_1024、RSA_2048、RSA_4096中的一种。'."\n" + ."\n" + .'>您可以调用[DescribeCACertificate](~~465954~~)查询子CA证书的密钥算法。', + 'type' => 'string', + 'required' => false, + 'example' => 'RSA_2048', + ], + ], + [ + 'name' => 'ParentIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '签发该证书的子CA证书的唯一识别码。'."\n" + .'>您可以调用[DescribeCACertificateList](~~465957~~)查询子CA证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => '270oe6bb538d538c70c01f81hfd3****', + ], + ], + [ + 'name' => 'Years', + 'in' => 'query', + 'schema' => [ + 'description' => '证书有效期。单位:年。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Months', + 'in' => 'query', + 'schema' => [ + 'description' => '证书有效期。单位:月。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '12', + ], + ], + [ + 'name' => 'Days', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的有效期。单位:天。'."\n" + .'**Days**、**BeforeTime**、**AfterTime**参数不能同时为空,并且**BeforeTime**、**AfterTime**参数必须同时为空或者同时设置。该参数具体设置说明如下:'."\n" + ."\n" + .'- 当设置**Days**参数时,您可以选择同时设置**BeforeTime**、**AfterTime**参数或者不设置**BeforeTime**、**AfterTime**参数。'."\n" + ."\n\n" + .'- 当不设置**Days**参数时,您必须设置**BeforeTime**、**AfterTime**参数。'."\n" + ."\n" + .'>- 当您同时设置**Days**、**BeforeTime**、**AfterTime**参数时,服务端证书的有效期以**Days**参数的值为准。'."\n" + .'- 服务端证书的有效期不能超过子CA证书的有效期。您可以调用[DescribeCACertificate](~~465954~~)查看子CA证书的有效期。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '365', + ], + ], + [ + 'name' => 'BeforeTime', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的签发时间,使用时间戳格式,默认为您调用该接口的时间。单位:秒。'."\n" + ."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时配置。'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1634283958', + ], + ], + [ + 'name' => 'AfterTime', + 'in' => 'query', + 'schema' => [ + 'description' => '服务端证书的服务到期时间,使用时间戳格式。单位:秒。'."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时配置。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1665819958', + ], + ], + [ + 'name' => 'Immediately', + 'in' => 'query', + 'schema' => [ + 'description' => '立即返回数字证书。'."\n" + .'- **0** , 不返回。默认值。'."\n" + .'- **1**,返回证书。'."\n" + .'- **2**, 返回证书及其证书链 。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'EnableCrl', + 'in' => 'query', + 'schema' => [ + 'description' => '是否包含CRL地址'."\n" + ."\n" + .'0 - 否 '."\n" + ."\n" + .'1 - 是', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'account', + ], + 'Value' => [ + 'description' => '标签的值(value)。', + 'type' => 'string', + 'required' => false, + 'example' => 'test', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源分组ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-aek****wia', + ], + ], + [ + 'name' => 'CustomIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'required' => false, + 'example' => '***e6bb538d538c70c01f81hfd3****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'description' => 'CreateCertificateResponse<CertificateIdentifierWithParentDTO>', + 'type' => 'object', + 'properties' => [ + 'X509Certificate' => [ + 'description' => '服务端证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----', + ], + 'CertificateChain' => [ + 'description' => 'CA证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n', + ], + 'Identifier' => [ + 'description' => '服务端证书的唯一识别码。', + 'type' => 'string', + 'example' => '180ae6bb538d538c70c01f81dcf2****', + ], + 'SerialNumber' => [ + 'description' => '证书序列号。', + 'type' => 'string', + 'example' => '084bde9cd233f0ddae33adc438cfbbbd****', + ], + 'RequestId' => [ + 'description' => '本次调用请求的ID,是由阿里云为该请求生成的唯一标识符,可用于排查和定位问题。', + 'type' => 'string', + 'example' => '55C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n\\",\\n \\"Identifier\\": \\"180ae6bb538d538c70c01f81dcf2****\\",\\n \\"SerialNumber\\": \\"084bde9cd233f0ddae33adc438cfbbbd****\\",\\n \\"RequestId\\": \\"55C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateServerCertificateWithCsrResponse>\\n <Identifier>180ae6bb538d538c70c01f81dcf2****</Identifier>\\n <RootX509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </RootX509Certificate>\\n <ParentX509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </ParentX509Certificate>\\n <RequestId>55C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <X509Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </X509Certificate>\\n <CertificateChain>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n -----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </CertificateChain>\\n</CreateServerCertificateWithCsrResponse>","errorExample":""}]', + 'title' => '基于自定义的CSR签发单个服务端证书', + 'description' => '调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书,并且调用[CreateSubCACertificate](~~465959~~)创建了子CA证书。只有子CA证书才能签发服务端证书。'."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateServerCertificateWithCsr', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateServerCertificateWithCsr', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'CreateSubCACertificate' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'create', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83510', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'ParentIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => '根CA证书的唯一识别码。'."\n" + ."\n\n" + .'> 您可以调用[DescribeCACertificateList](~~465957~~)查询所有CA证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '1a83bcbb89e562885e40aa0108f5****', + ], + ], + [ + 'name' => 'CommonName', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构的通用名称或简称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Aliyun', + ], + ], + [ + 'name' => 'OrganizationUnit', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构下部门或分支的名称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Security', + ], + ], + [ + 'name' => 'Organization', + 'in' => 'query', + 'schema' => [ + 'description' => '子CA证书关联的组织机构(对应您的企业或单位)的名称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Alibaba', + ], + ], + [ + 'name' => 'Locality', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构所在城市的名称。支持使用中文、英文字符等。', + 'type' => 'string', + 'required' => true, + 'example' => 'Hangzhou', + ], + ], + [ + 'name' => 'State', + 'in' => 'query', + 'schema' => [ + 'description' => '<props="china">组织机构所在省份、直辖市或自治区的名称。支持使用中文、英文字符等。</props>'."\n" + .'<props="intl">组织机构所在省份或州的名称。支持使用中文、英文字符等。</props>', + 'type' => 'string', + 'required' => true, + 'example' => 'Zhejiang', + ], + ], + [ + 'name' => 'CountryCode', + 'in' => 'query', + 'schema' => [ + 'description' => '组织机构所在国家或地区的代码,使用两位或三位大写英文字母缩写表示。例如,**CN**表示中国,**US**表示美国。'."\n" + ."\n" + .'关于不同国家的代码,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'required' => false, + 'example' => 'CN', + ], + ], + [ + 'name' => 'Algorithm', + 'in' => 'query', + 'schema' => [ + 'description' => '子CA证书的密钥算法类型。密钥算法使用`<加密算法>_<密钥长度>`格式表示。取值:'."\n" + .'- **RSA_1024**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_2048**:对应签名算法为Sha256WithRSA。'."\n" + .'- **RSA_4096**:对应签名算法为Sha256WithRSA。'."\n" + .'- **ECC_256**:对应签名算法为Sha256WithECDSA。'."\n" + .'- **SM2_256**:对应签名算法为SM3WithSM2。'."\n" + ."\n\n" + .'子CA证书的加密算法必须与根CA证书一致,密钥长度可以不一致。示例:根CA证书的密钥算法为**RSA\\_2048**,则子CA证书的密钥算法必须是**RSA\\_1024**、**RSA\\_2048**、**RSA\\_4096**。'."\n" + ."\n" + .'> 您可以调用[DescribeCACertificate](~~465954~~)查询根CA证书的密钥算法。', + 'type' => 'string', + 'required' => true, + 'example' => 'RSA_2048', + ], + ], + [ + 'name' => 'Years', + 'in' => 'query', + 'schema' => [ + 'description' => '子CA证书的有效期,单位:年。'."\n" + ."\n" + .'建议设置为5~10年。'."\n" + ."\n\n" + .'> 子CA证书的有效期不能超过根CA证书的有效期。您可以调用[DescribeCACertificate](~~465954~~)查询根CA证书的有效期。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => true, + 'example' => '5', + ], + ], + [ + 'name' => 'PathLenConstraint', + 'in' => 'query', + 'schema' => [ + 'description' => '证书路径长度限制,默认0。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'enumValueTitles' => [], + 'example' => '0', + ], + ], + [ + 'name' => 'ExtendedKeyUsages', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '扩展密钥用法', + 'type' => 'array', + 'items' => [ + 'description' => '扩展密钥用法,允许以下其一:'."\n" + ."\n" + .'- any'."\n" + .'- serverAuth'."\n" + .'- clientAuth'."\n" + .'- codeSigning'."\n" + .'- emailProtection'."\n" + .'- timeStamping'."\n" + .'- OCSPSigning'."\n" + .'- 其他扩展密钥用法OID', + 'type' => 'string', + 'required' => false, + 'enumValueTitles' => [ + 'codeSigning' => '代码签名', + 'emailProtection' => '邮件保护', + 'serverAuth' => '服务器认证', + 'timeStamping' => '签发时间戳', + 'any' => '任意', + 'clientAuth' => '客户端认证', + 'OCSPSigning' => 'OCSP签名', + ], + 'example' => 'serverAuth', + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'EnableCrl', + 'in' => 'query', + 'schema' => [ + 'description' => '是否启用CRL服务'."\n" + ."\n" + .'- false - 否'."\n" + .'- true - 是', + 'type' => 'boolean', + 'required' => false, + 'enumValueTitles' => [ + 'true' => 'true', + 'false' => 'false', + ], + 'example' => 'true', + ], + ], + [ + 'name' => 'CrlDay', + 'in' => 'query', + 'schema' => [ + 'description' => 'CRL有效期 1-365天', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '30', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'testKey', + ], + 'Value' => [ + 'description' => '标签值。', + 'type' => 'string', + 'required' => false, + 'example' => 'test', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源分组ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-ae****vty', + ], + ], + [ + 'name' => 'ClientToken', + 'in' => 'formData', + 'schema' => [ + 'description' => '用于保证请求的幂等性。由客户端生成该参数值,要保证在不同请求间唯一,最大值不超过64个ASCII字符,且该参数值中不能包含非ASCII字符。', + 'type' => 'string', + 'required' => false, + 'example' => 'XXX', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'OpenApiResponse<CreateCaCertificateResult>', + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次调用请求的ID,是由阿里云为该请求生成的唯一标识符,可用于排查和定位问题。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'Identifier' => [ + 'description' => '本次请求创建的子CA证书的唯一识别码。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'Certificate' => [ + 'description' => '本次调用创建的PEM格式证书。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----', + ], + 'CertificateChain' => [ + 'description' => '本次调用创建的证书的CA证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n-----BEGIN CERTIFICATE-----\\n......\\n-----END CERTIFICATE-----\\n', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '创建子CA证书', + 'summary' => '创建一个子CA证书。', + 'description' => '本接口用于通过已有的根CA证书签发一个子CA证书。子CA证书可用于签发客户端和服务端证书。'."\n" + ."\n" + .'调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'responseParamsDescription' => '- serverAuth :服务器认证'."\n" + .'- clientAuth :客户端认证'."\n" + .'- codeSigning :代码签名'."\n" + .'- emailProtection :邮件保护'."\n" + .'- timeStamping :时间戳'."\n" + .'- OCSPSigning :OCSP签名'."\n" + .'- 其他扩展密钥用法OID', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateSubCACertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateSubCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"Identifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"Certificate\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\",\\n \\"CertificateChain\\": \\"-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n-----BEGIN CERTIFICATE-----\\\\\\\\n......\\\\\\\\n-----END CERTIFICATE-----\\\\\\\\n\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateSubCACertificateResponse>\\n <Identifier>160ae6bb538d538c70c01f81dcf2****</Identifier>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <Certificate>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </Certificate>\\n <CertificateChain>-----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n -----BEGIN CERTIFICATE-----\\n ......\\n -----END CERTIFICATE-----\\n </CertificateChain>\\n</CreateSubCACertificateResponse>","errorExample":""}]', + ], + 'DeleteClientCertificate' => [ + 'summary' => '删除已吊销的客户端证书或服务端证书。', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83511', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要删除的客户端证书或服务端证书的唯一识别码。证书的当前状态必须是**REVOKE**。'."\n" + ."\n\n" + ."\n" + .'> 您可以调用[ListClientCertificate](~~465990~~)查询所有客户端证书和服务端证书的唯一识别码和当前状态。', + 'type' => 'string', + 'required' => true, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'SuccessResponse', + 'description' => 'SuccessResponse', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '删除证书', + 'description' => '调用本接口前,您必须先调用[CreateRevokeClientCertificate](~~465972~~)吊销客户端证书或服务端证书。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。公共请求参数的详细介绍,请参见[公共参数](~~327167~~)。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteClientCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-cert:DeleteClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","type":"json"}]', + ], + 'DescribeCACertificate' => [ + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83512', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + 'FEATUREcasFBEHXR', + ], + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的CA证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[DescribeCACertificateList](~~465957~~)查询所有CA证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'DescribeCertificateResponse<CaCertificateDTO>', + 'description' => 'DescribeCertificateResponse<CaCertificateDTO>。', + 'type' => 'object', + 'properties' => [ + 'Certificate' => [ + 'description' => 'CA证书的详细信息。', + 'type' => 'object', + 'properties' => [ + 'CertificateType' => [ + 'description' => 'CA证书的类型。取值:'."\n" + ."\n" + .'- **ROOT**:表示根CA证书。'."\n" + .'- **SUB_ROOT**:表示子CA证书。', + 'type' => 'string', + 'example' => 'SUB_ROOT', + ], + 'X509Certificate' => [ + 'description' => 'CA证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----', + ], + 'Identifier' => [ + 'description' => 'CA证书的唯一识别码。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'SerialNumber' => [ + 'description' => 'CA证书的序列号。', + 'type' => 'string', + 'example' => '70e3b2566d92805173767869727fb92e****', + ], + 'SubjectDN' => [ + 'description' => 'CA证书的使用者属性,包含以下信息:'."\n" + ."\n" + .'- **C**:组织机构所在国家代码。'."\n" + .'- **O**:组织机构的名称。'."\n" + .'- **OU**:组织机构下的部门。'."\n" + .'- **L**:组织机构所在城市。'."\n" + .'<props="china">- **ST**:组织机构所在省份、直辖市或自治区。</props>'."\n" + .'<props="intl">- **ST**:组织机构所在省份或州。</props>'."\n" + .'- **CN**:组织机构的通用名称或简称。'."\n", + 'type' => 'string', + 'example' => 'C=CN,O=aliyun,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun', + ], + 'CommonName' => [ + 'description' => 'CA证书关联的组织机构的通用名称或简称。', + 'type' => 'string', + 'example' => 'Aliyun', + ], + 'OrganizationUnit' => [ + 'description' => 'CA证书关联的组织机构下部门的名称。', + 'type' => 'string', + 'example' => 'Security', + ], + 'Organization' => [ + 'description' => 'CA证书关联的组织机构的名称。', + 'type' => 'string', + 'example' => 'aliyun', + ], + 'Locality' => [ + 'description' => 'CA证书关联的组织机构所在城市的名称。', + 'type' => 'string', + 'example' => 'Hangzhou', + ], + 'State' => [ + 'description' => '<props="china">CA证书关联的组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">CA证书关联的组织机构所在省份或州的名称。</props>'."\n", + 'type' => 'string', + 'example' => 'Zhejiang', + ], + 'CountryCode' => [ + 'description' => 'CA证书关联的组织机构所在国家的代码。'."\n" + ."\n" + .'关于不同国家代码的含义,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'example' => 'CN', + ], + 'Sans' => [ + 'description' => '该参数已废弃。', + 'type' => 'string', + 'example' => '1', + ], + 'Status' => [ + 'description' => 'CA证书的状态。取值:'."\n" + ."\n" + .'- **ISSUE**:表示正常签发。'."\n" + .'- **REVOKE**:表示已被吊销。'."\n", + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'Algorithm' => [ + 'description' => 'CA证书的加密算法类型。取值:'."\n" + ."\n" + .'- **RSA**:表示RSA算法。'."\n" + .'- **ECC**:表示ECC算法。'."\n" + .'- **SM2**:表示SM2(国密)算法。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'KeySize' => [ + 'description' => 'CA证书的密钥长度。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '2048', + ], + 'SignAlgorithm' => [ + 'description' => 'CA证书的签名算法。', + 'type' => 'string', + 'example' => 'SHA256WITHRSA', + ], + 'BeforeDate' => [ + 'description' => 'CA证书的签发日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1634283958000', + ], + 'AfterDate' => [ + 'description' => 'CA证书的到期日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1665819958000', + ], + 'ParentIdentifier' => [ + 'description' => '签发该CA证书的根CA证书的唯一识别码。'."\n" + ."\n" + .'> 只有当**CertificateType**为**SUB_ROOT**(表示子CA证书)时,才会返回该参数。', + 'type' => 'string', + 'example' => '1a83bcbb89e562885e40aa0108f5****', + ], + 'Sha2' => [ + 'description' => 'CA证书的SHA256数字指纹。', + 'type' => 'string', + 'example' => '14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****', + ], + 'Md5' => [ + 'description' => 'CA证书的MD5数字指纹。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'CrlStatus' => [ + 'description' => 'CRL状态(启用状态)。', + 'type' => 'string', + 'example' => 'ACTIVE', + ], + 'CrlUrl' => [ + 'description' => 'CRL地址。', + 'type' => 'string', + 'example' => 'https://crl-cn-publish.oss-cn-hangzhou.aliyuncs.com/pca/crl/1925647866611395/1ed40789-483f-6023-b6b8-29ddd3bb0a9a.crl', + ], + 'CertTotalCount' => [ + 'description' => '已购买证书配额总数。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '40', + ], + 'CertRemainingCount' => [ + 'description' => '剩余可分配证书配额数量。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '30', + ], + 'CertIssuedCount' => [ + 'description' => '私有CA实例已经签发证书的数量。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '10', + ], + 'CaCertChain' => [ + 'description' => '完整证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'-----END CERTIFICATE-----'."\n" + ."\n" + .'-----BEGIN CERTIFICATE-----'."\n" + .'-----END CERTIFICATE-----'."\n" + ."\n" + .'-----BEGIN CERTIFICATE-----'."\n" + .'-----END CERTIFICATE-----', + ], + 'CrlDay' => [ + 'description' => 'CRL有效期 1-365天。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '90', + ], + 'IssuerType' => [ + 'description' => '签发CA的机构。取值:'."\n" + ."\n" + .'- local:私有证书。'."\n" + .'- iTrusChina: 合规CA。'."\n" + .'- external:外部导入。', + 'type' => 'string', + 'example' => 'local', + ], + 'Years' => [ + 'description' => 'CA证书的有效期,单位:年。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'FullAlgorithm' => [ + 'description' => '携带长度的算法。', + 'type' => 'string', + 'example' => 'RSA_2048', + ], + 'ResourceGroupId' => [ + 'description' => '证书所属资源组的ID。', + 'type' => 'string', + 'example' => 'rg-aek2pxd7ekpoo2y', + ], + 'ClusterId' => [ + 'description' => '加密机集群标识。(通过加密机启用CA)', + 'type' => 'string', + 'example' => 'XXX-id', + ], + 'KeyIndex' => [ + 'description' => '加密机密钥索引位置。(通过加密启用CA)', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '8', + ], + 'Tags' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签值。', + 'type' => 'object', + 'properties' => [ + 'TagKey' => [ + 'description' => '标签 Key', + 'type' => 'string', + 'example' => '使用状态', + ], + 'TagValue' => [ + 'description' => '标签值。', + 'type' => 'string', + 'example' => 'BMS', + ], + ], + ], + ], + ], + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'Years' => [ + 'description' => 'CA证书的有效期,单位:年。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '10', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => '查询单个根CA证书或子CA证书的详细信息', + 'summary' => '查询CA详情。', + 'description' => '本接口用于通过证书的唯一识别码,查询单个根CA证书或子CA证书的详细信息,例如,CA证书的序列号、使用者信息、证书内容等。'."\n" + ."\n" + .'调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书、调用[CreateSubCACertificate](~~465959~~)创建了子CA证书。'."\n" + ."\n\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCACertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"Certificate\\": {\\n \\"CertificateType\\": \\"SUB_ROOT\\",\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----\\",\\n \\"Identifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"SerialNumber\\": \\"70e3b2566d92805173767869727fb92e****\\",\\n \\"SubjectDN\\": \\"C=CN,O=aliyun,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun\\",\\n \\"CommonName\\": \\"Aliyun\\",\\n \\"OrganizationUnit\\": \\"Security\\",\\n \\"Organization\\": \\"aliyun\\",\\n \\"Locality\\": \\"Hangzhou\\",\\n \\"State\\": \\"Zhejiang\\",\\n \\"CountryCode\\": \\"CN\\",\\n \\"Sans\\": \\"1\\",\\n \\"Status\\": \\"ISSUE\\",\\n \\"Algorithm\\": \\"RSA\\",\\n \\"KeySize\\": 2048,\\n \\"SignAlgorithm\\": \\"SHA256WITHRSA\\",\\n \\"BeforeDate\\": 1634283958000,\\n \\"AfterDate\\": 1665819958000,\\n \\"ParentIdentifier\\": \\"1a83bcbb89e562885e40aa0108f5****\\",\\n \\"Sha2\\": \\"14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****\\",\\n \\"Md5\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"CrlStatus\\": \\"ACTIVE\\",\\n \\"CrlUrl\\": \\"https://crl-cn-publish.oss-cn-hangzhou.aliyuncs.com/pca/crl/1925647866611395/1ed40789-483f-6023-b6b8-29ddd3bb0a9a.crl\\",\\n \\"CertTotalCount\\": 40,\\n \\"CertRemainingCount\\": 30,\\n \\"CertIssuedCount\\": 10,\\n \\"CaCertChain\\": \\"-----BEGIN CERTIFICATE-----\\\\n-----END CERTIFICATE-----\\\\n\\\\n-----BEGIN CERTIFICATE-----\\\\n-----END CERTIFICATE-----\\\\n\\\\n-----BEGIN CERTIFICATE-----\\\\n-----END CERTIFICATE-----\\",\\n \\"CrlDay\\": 90,\\n \\"IssuerType\\": \\"local\\",\\n \\"Years\\": 1,\\n \\"FullAlgorithm\\": \\"RSA_2048\\",\\n \\"ResourceGroupId\\": \\"rg-aek2pxd7ekpoo2y\\",\\n \\"ClusterId\\": \\"XXX-id\\",\\n \\"KeyIndex\\": 8,\\n \\"Tags\\": [\\n {\\n \\"TagKey\\": \\"使用状态\\",\\n \\"TagValue\\": \\"BMS\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"Years\\": 10\\n}","errorExample":""},{"type":"xml","example":"<DescribeCACertificateResponse>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <Certificate>\\n <Years>5</Years>\\n <Status>ISSUE</Status>\\n <SerialNumber>70e3b2566d92805173767869727fb92e****</SerialNumber>\\n <CertificateType>SUB_ROOT</CertificateType>\\n <Algorithm>RSA</Algorithm>\\n <State>Zhejiang</State>\\n <Organization>阿里云计算有限公司</Organization>\\n <ParentIdentifier>1a83bcbb89e562885e40aa0108f5****</ParentIdentifier>\\n <Locality>Hangzhou</Locality>\\n <Identifier>160ae6bb538d538c70c01f81dcf2****</Identifier>\\n <KeySize>2048</KeySize>\\n <X509Certificate>-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----</X509Certificate>\\n <SubjectDN>C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun</SubjectDN>\\n <SignAlgorithm>SHA256WITHRSA</SignAlgorithm>\\n <OrganizationUnit>Security</OrganizationUnit>\\n <AfterDate>1665819958000</AfterDate>\\n <Sha2>14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****</Sha2>\\n <CommonName>Aliyun</CommonName>\\n <Md5>160ae6bb538d538c70c01f81dcf2****</Md5>\\n <CountryCode>CN</CountryCode>\\n <BeforeDate>1634283958000</BeforeDate>\\n </Certificate>\\n</DescribeCACertificateResponse>","errorExample":""}]', + ], + 'DescribeCACertificateCount' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83513', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'TotalCount' => [ + 'description' => '已创建的CA证书(包括根CA证书、子CA证书)的数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '2', + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询已创建的CA证书的数量', + 'summary' => '查询已创建的CA证书的数量。', + 'description' => '本接口用于查询您已创建的CA证书(包括根CA证书、子CA证书)的数量。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCACertificateCount', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCACertificateCount', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"TotalCount\\": 2,\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","errorExample":""},{"type":"xml","example":"<DescribeCACertificateCountResponse>\\n <TotalCount>2</TotalCount>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n</DescribeCACertificateCountResponse>","errorExample":""}]', + ], + 'DescribeCACertificateList' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83514', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'CurrentPage', + 'in' => 'query', + 'schema' => [ + 'description' => '分页查询时,设置当前页面的页码。默认值为**1**。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'ShowSize', + 'in' => 'query', + 'schema' => [ + 'description' => '分页查询时,设置每页包含CA证书的数量。默认值为**20**。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '20', + ], + ], + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => 'CA证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[DescribeCACertificateList](~~328095~~)查询所有CA证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '1ee47e24-c51b-67cc-aa6b-1f7561cf9d9a', + ], + ], + [ + 'name' => 'CertType', + 'in' => 'query', + 'schema' => [ + 'description' => 'CA的类型 。取值:'."\n" + ."\n" + .'- root:根CA。'."\n" + .'- subRoot:子CA。'."\n" + .'- externalCa:外部导入的CA。', + 'type' => 'string', + 'required' => false, + 'example' => 'subRoot', + ], + ], + [ + 'name' => 'CaStatus', + 'in' => 'query', + 'schema' => [ + 'description' => '当前的CA状态,取值:'."\n" + ."\n" + .'- issue:启用。'."\n" + .'- forbidden:禁用。'."\n" + .'- revoke:已吊销。', + 'type' => 'string', + 'required' => false, + 'example' => 'issue', + ], + ], + [ + 'name' => 'ValidStatus', + 'in' => 'query', + 'schema' => [ + 'description' => 'CA时间状态。取值:'."\n" + ."\n" + .'- valid:表示CA处于有效期内。'."\n" + .'- notValid:表示CA已过期。', + 'type' => 'string', + 'required' => false, + 'example' => 'valid', + ], + ], + [ + 'name' => 'IssuerType', + 'in' => 'query', + 'schema' => [ + 'description' => '签发CA的机构。取值:'."\n" + ."\n" + .'- local:私有证书。'."\n" + .'- iTrusChina: 合规CA。'."\n" + .'- external:外部导入。', + 'type' => 'string', + 'required' => false, + 'example' => 'local', + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源组ID。此ID可通过调用[ListResources](~~2716559~~)接口获取。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-ae******4wia', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'CurrentPage' => [ + 'description' => '当前页面的页码。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'TotalCount' => [ + 'description' => '查询到的根CA证书和子CA证书的总数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '2', + ], + 'PageCount' => [ + 'description' => '返回结果的页数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'ShowSize' => [ + 'description' => '每页包含CA证书的数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + 'CertificateList' => [ + 'description' => 'CA证书的详情列表。', + 'type' => 'array', + 'items' => [ + 'description' => '证书信息。', + 'type' => 'object', + 'properties' => [ + 'Years' => [ + 'description' => 'CA证书的有效期,单位:年。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '3', + ], + 'Status' => [ + 'description' => 'CA证书的状态。取值:'."\n" + ."\n" + .'- **ISSUE**:表示正常签发。'."\n" + .'- **REVOKE**:表示已被吊销。', + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'SerialNumber' => [ + 'description' => 'CA证书的序列号。', + 'type' => 'string', + 'example' => '70e3b2566d92805173767869727fb92e****', + ], + 'CertificateType' => [ + 'description' => 'CA证书的类型。取值:'."\n" + ."\n" + .'- **ROOT**:表示根CA证书。'."\n" + .'- **SUB_ROOT**:表示子CA证书。', + 'type' => 'string', + 'example' => 'SUB_ROOT', + ], + 'Algorithm' => [ + 'description' => 'CA证书的加密算法类型。取值:'."\n" + ."\n" + .'- **RSA**:表示RSA算法。'."\n" + .'- **ECC**:表示ECC算法。'."\n" + .'- **SM2**:表示SM2(国密)算法。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'State' => [ + 'description' => '<props="china">CA证书关联的组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">CA证书关联的组织机构所在省份或州的名称。</props>', + 'type' => 'string', + 'example' => 'Zhejiang', + ], + 'Organization' => [ + 'description' => 'CA证书关联的组织机构的名称。', + 'type' => 'string', + 'example' => '阿里云计算有限公司', + ], + 'ParentIdentifier' => [ + 'description' => '签发该CA证书的根CA证书的唯一识别码。'."\n" + ."\n" + .'> 只有当**CertificateType**为**SUB_ROOT**(表示子CA证书)时,才会返回该参数。', + 'type' => 'string', + 'example' => '1a83bcbb89e562885e40aa0108f5****', + ], + 'Locality' => [ + 'description' => 'CA证书关联的组织机构所在城市的名称。', + 'type' => 'string', + 'example' => 'Hangzhou', + ], + 'Identifier' => [ + 'description' => 'CA证书的唯一识别码。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'Sans' => [ + 'description' => '该参数已废弃。', + 'type' => 'string', + 'example' => '1', + ], + 'KeySize' => [ + 'description' => 'CA证书的密钥长度。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '2048', + ], + 'X509Certificate' => [ + 'description' => 'CA证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----', + ], + 'SubjectDN' => [ + 'description' => 'CA证书的DN(Distinguished Name)属性,表示证书的使用者,具体包含以下信息:'."\n" + ."\n" + .'- **C**:组织机构所在国家代码。'."\n" + .'- **O**:组织机构的名称。'."\n" + .'- **OU**:组织机构下的部门。'."\n" + .'- **L**:组织机构所在城市。'."\n" + .'- **CN**:组织机构的通用名称或简称。', + 'type' => 'string', + 'example' => 'C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun', + ], + 'SignAlgorithm' => [ + 'description' => 'CA证书的签名算法。', + 'type' => 'string', + 'example' => 'SHA256WITHRSA', + ], + 'OrganizationUnit' => [ + 'description' => 'CA证书关联的组织机构下部门的名称。', + 'type' => 'string', + 'example' => 'Security', + ], + 'AfterDate' => [ + 'description' => 'CA证书的到期日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1665819958000', + ], + 'Sha2' => [ + 'description' => 'CA证书的SHA256数字指纹。', + 'type' => 'string', + 'example' => '14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****', + ], + 'CommonName' => [ + 'description' => 'CA证书关联的组织机构的通用名称或简称。', + 'type' => 'string', + 'example' => 'Aliyun', + ], + 'Md5' => [ + 'description' => 'CA证书的MD5数字指纹。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'CountryCode' => [ + 'description' => 'CA证书关联的组织机构所在国家的代码。'."\n" + ."\n" + .'关于不同国家代码的含义,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'example' => 'CN', + ], + 'BeforeDate' => [ + 'description' => 'CA证书的签发日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1634283958000', + ], + 'Alias' => [ + 'description' => '实例别名。', + 'type' => 'string', + 'example' => 'Aliyun_CA', + ], + 'Trial' => [ + 'description' => '是否为试用实例。取值:'."\n" + ."\n" + .'- 0:表示否。'."\n" + .'- 1:表示是。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '0', + ], + 'Gift' => [ + 'description' => '是否为赠送实例。取值:'."\n" + ."\n" + .'- 0:表示否。'."\n" + .'- 1:表示是。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'ResourceGroupId' => [ + 'description' => '证书所属资源组的ID。', + 'type' => 'string', + 'example' => 'rg-acfmzjwrhehpavi', + ], + ], + ], + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询所有根CA证书和子CA证书的信息', + 'summary' => '查询所有根CA证书和子CA证书的信息。', + 'description' => '本接口用于分页查询您已创建的所有CA证书(包括根CA证书和子CA证书)的详细信息,例如,CA证书的唯一识别码、序列号、使用者信息、证书内容等。'."\n" + ."\n\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCACertificateList', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCACertificateList', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"CurrentPage\\": 1,\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"TotalCount\\": 2,\\n \\"PageCount\\": 1,\\n \\"ShowSize\\": 20,\\n \\"CertificateList\\": [\\n {\\n \\"Years\\": 3,\\n \\"Status\\": \\"ISSUE\\",\\n \\"SerialNumber\\": \\"70e3b2566d92805173767869727fb92e****\\",\\n \\"CertificateType\\": \\"SUB_ROOT\\",\\n \\"Algorithm\\": \\"RSA\\",\\n \\"State\\": \\"Zhejiang\\",\\n \\"Organization\\": \\"阿里云计算有限公司\\",\\n \\"ParentIdentifier\\": \\"1a83bcbb89e562885e40aa0108f5****\\",\\n \\"Locality\\": \\"Hangzhou\\",\\n \\"Identifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"Sans\\": \\"1\\",\\n \\"KeySize\\": 2048,\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----\\",\\n \\"SubjectDN\\": \\"C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun\\",\\n \\"SignAlgorithm\\": \\"SHA256WITHRSA\\",\\n \\"OrganizationUnit\\": \\"Security\\",\\n \\"AfterDate\\": 1665819958000,\\n \\"Sha2\\": \\"14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****\\",\\n \\"CommonName\\": \\"Aliyun\\",\\n \\"Md5\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"CountryCode\\": \\"CN\\",\\n \\"BeforeDate\\": 1634283958000,\\n \\"Alias\\": \\"Aliyun_CA\\",\\n \\"Trial\\": 0,\\n \\"Gift\\": 1,\\n \\"ResourceGroupId\\": \\"rg-acfmzjwrhehpavi\\"\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<DescribeCACertificateListResponse>\\n <CurrentPage>1</CurrentPage>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <TotalCount>2</TotalCount>\\n <PageCount>1</PageCount>\\n <ShowSize>20</ShowSize>\\n <CertificateList>\\n <Years>1</Years>\\n <Status>ISSUE</Status>\\n <SerialNumber>70e3b2566d92805173767869727fb92e****</SerialNumber>\\n <CertificateType>SUB_ROOT</CertificateType>\\n <Algorithm>RSA</Algorithm>\\n <State>Zhejiang</State>\\n <Organization>阿里云计算有限公司</Organization>\\n <ParentIdentifier>1a83bcbb89e562885e40aa0108f5****</ParentIdentifier>\\n <Locality>Hangzhou</Locality>\\n <Identifier>160ae6bb538d538c70c01f81dcf2****</Identifier>\\n <KeySize>2048</KeySize>\\n <X509Certificate>-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----</X509Certificate>\\n <SubjectDN>C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun</SubjectDN>\\n <SignAlgorithm>SHA256WITHRSA</SignAlgorithm>\\n <OrganizationUnit>Security</OrganizationUnit>\\n <AfterDate>1665819958000</AfterDate>\\n <Sha2>14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****</Sha2>\\n <CommonName>Aliyun</CommonName>\\n <Md5>160ae6bb538d538c70c01f81dcf2****</Md5>\\n <CountryCode>CN</CountryCode>\\n <BeforeDate>1634283958000</BeforeDate>\\n </CertificateList>\\n <CertificateList>\\n <Years>1</Years>\\n <Status>ISSUE</Status>\\n <SerialNumber>566d70e3b292805173767869727fb92e****</SerialNumber>\\n <CertificateType>ROOT</CertificateType>\\n <Algorithm>RSA</Algorithm>\\n <State>Zhejiang</State>\\n <Organization>阿里巴巴网络技术有限公司</Organization>\\n <Locality>Hangzhou</Locality>\\n <Identifier>1a83bcbb89e562885e40aa0108f5****</Identifier>\\n <KeySize>2048</KeySize>\\n <X509Certificate>-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----</X509Certificate>\\n <SubjectDN>C=CN,O=阿里巴巴网络技术有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Alibaba</SubjectDN>\\n <SignAlgorithm>SHA256WITHRSA</SignAlgorithm>\\n <OrganizationUnit>Security</OrganizationUnit>\\n <AfterDate>1665819958000</AfterDate>\\n <Sha2>1fcec36d65814dcc8afc7578ef7e20de18f6957bbac42b373a66bc9de4e9****</Sha2>\\n <CommonName>Aliyun</CommonName>\\n <Md5>1a83bcbb89e562885e40aa0108f5****</Md5>\\n <CountryCode>CN</CountryCode>\\n <BeforeDate>1634283958000</BeforeDate>\\n </CertificateList>\\n</DescribeCACertificateListResponse>","errorExample":""}]', + ], + 'DescribeCertificatePrivateKey' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '103267', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要获取私钥的客户端证书或服务端证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[ListClientCertificate](~~465990~~)查询所有客户端与服务端证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => 'bc37133bb7ed68c7938d928fd26d****', + ], + ], + [ + 'name' => 'EncryptedCode', + 'in' => 'query', + 'schema' => [ + 'description' => '设置用于加密私钥的密码。支持使用英文大小写字母、数字、特殊字符(例如,`,.+-_#`)等。最大长度为32字节。'."\n" + ."\n" + .'><warning> 请记住您设置的密码,后续您需要使用该密码为私钥(加密格式)解密。如果您忘记了已设置的私钥密码,则本次调用获取的私钥(加密格式)将无法解密,您必须重新调用本接口。'."\n" + .'></warning>', + 'type' => 'string', + 'required' => true, + 'example' => '!Demo@WS3ed', + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '证书所属资源组的ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'test', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'GetCertificatePrivateKeyResponse', + 'description' => 'GetCertificatePrivateKeyResponse。', + 'type' => 'object', + 'properties' => [ + 'EncryptedData' => [ + 'description' => '加密后的私钥内容。', + 'type' => 'string', + 'example' => '-----BEGIN ENCRYPTED PRIVATE KEY----- …… -----END ENCRYPTED PRIVATE KEY-----', + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '09470F19-CEE8-5C63-BF2C-02B5E3F07A17', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询证书的私钥', + 'summary' => '获取单个客户端证书或服务端证书的私钥(加密格式)。', + 'description' => '本接口只适用基于系统生成的CSR(Certificate Signing Request)签发的证书,用于获取客户端证书或服务端证书的私钥(加密格式)。调用本接口前,您必须已经调用以下接口签发了客户端证书或服务端证书:'."\n" + .'- [CreateClientCertificate](~~465967~~)'."\n" + .'- [CreateServerCertificate](~~465975~~)'."\n" + ."\n" + .'为确保私钥传输安全,本接口会使用您设置的私钥密码(一个加密字符串)为私钥加密,并返回加密后的私钥。您获取证书私钥(加密格式)后,可以通过以下方法为私钥解密:'."\n" + ."\n" + .'- 证书的加密算法为RSA时,您需要在安装了[OpenSSL](https://www.openssl.org/source/)或[BabaSSL](https://github.com/BabaSSL/BabaSSL)的计算机上执行`openssl rsa -in <加密的私钥文件> -passin pass:<私钥密码> -out <解密的私钥文件>`命令来解密私钥。'."\n" + .'- 证书的加密算法为ECC时,您需要在安装了[OpenSSL](https://www.openssl.org/source/)或[BabaSSL](https://github.com/BabaSSL/BabaSSL)的计算机上执行`openssl ec -in <加密的私钥文件> -passin pass:<私钥密码> -out <解密的私钥文件>`命令来解密私钥。'."\n" + .'- 证书的加密算法为SM2时,您需要在安装了[BabaSSL](https://github.com/BabaSSL/BabaSSL)的计算机上执行`openssl ec -in <加密的私钥文件> -passin pass:<私钥密码> -out <解密的私钥文件>`命令来解密私钥。'."\n" + ."\n" + .'> 您可以调用[DescribeClientCertificate](~~465985~~)查询客户端证书或服务端证书的加密算法类型。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCertificatePrivateKey', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCertificatePrivateKey', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"EncryptedData\\": \\"-----BEGIN ENCRYPTED PRIVATE KEY----- …… -----END ENCRYPTED PRIVATE KEY-----\\",\\n \\"RequestId\\": \\"09470F19-CEE8-5C63-BF2C-02B5E3F07A17\\"\\n}","errorExample":""},{"type":"xml","example":"<DescribeCertificatePrivateKeyResponse>\\n <EncryptedData>-----BEGIN ENCRYPTED PRIVATE KEY----- …… -----END ENCRYPTED PRIVATE KEY-----</EncryptedData>\\n <RequestId>09470F19-CEE8-5C63-BF2C-02B5E3F07A17</RequestId>\\n</DescribeCertificatePrivateKeyResponse>","errorExample":""}]', + ], + 'DescribeClientCertificate' => [ + 'summary' => '通过证书的唯一识别码查询单个客户端证书或服务端证书的详细信息。', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83515', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的客户端证书或服务端证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[ListClientCertificate](~~465990~~)查询所有客户端证书和服务端证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => 'd3b95700998e47afc4d95f886579****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'DescribeCertificateResponse<CertificateWithContentDTO>', + 'description' => 'DescribeCertificateResponse<CertificateWithContentDTO>', + 'type' => 'object', + 'properties' => [ + 'Certificate' => [ + 'description' => '客户端证书或服务端证书的详细信息。', + 'type' => 'object', + 'properties' => [ + 'X509Certificate' => [ + 'description' => '证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----', + ], + 'Identifier' => [ + 'description' => '证书的唯一识别码。', + 'type' => 'string', + 'example' => 'd3b95700998e47afc4d95f886579****', + ], + 'SerialNumber' => [ + 'description' => '证书的序列号。', + 'type' => 'string', + 'example' => '62b2b943a32d96883a6650e672ea0276****', + ], + 'SubjectDN' => [ + 'description' => '证书的DN(Distinguished Name)属性,表示证书的使用者,具体包含以下信息:'."\n" + ."\n" + .'- **C**:国家。'."\n" + .'- **O**:组织机构。'."\n" + .'- **OU**:部门。'."\n" + .'- **L**:城市。'."\n" + .'<props="china">- **ST**:省份、直辖市或自治区。</props>'."\n" + .'<props="intl">- **ST**:省份或州。</props>'."\n" + .'- **CN**:公用名。', + 'type' => 'string', + 'example' => 'C=CN,O=Aliyun,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun', + ], + 'CommonName' => [ + 'description' => '证书的公用名。', + 'type' => 'string', + 'example' => 'aliyun.com', + ], + 'OrganizationUnit' => [ + 'description' => '签发该证书的子CA证书关联的组织机构下部门的名称。', + 'type' => 'string', + 'example' => 'Security', + ], + 'Organization' => [ + 'description' => '签发该证书的子CA证书关联的组织机构的名称。', + 'type' => 'string', + 'example' => 'Aliyun', + ], + 'Locality' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在城市的名称。', + 'type' => 'string', + 'example' => 'Hangzhou', + ], + 'State' => [ + 'description' => '<props="china">签发该证书的子CA证书关联的组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">签发该证书的子CA证书关联的组织机构所在省份或州的名称。</props>', + 'type' => 'string', + 'example' => 'Zhejiang', + ], + 'CountryCode' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在国家的代码。'."\n" + ."\n" + .'关于不同国家代码的含义,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'example' => 'CN', + ], + 'Sans' => [ + 'description' => '证书的SAN(Subject Alternative Name)扩展属性,表示证书关联的其他域名、IP地址等。'."\n" + ."\n" + .'该参数使用JSON数组转化的字符串表示。JSON数组中的每个元素是一个结构体,对应一个SAN扩展。'."\n" + .'每个SAN扩展结构体包含以下参数:'."\n" + ."\n" + .'- **Type**:Integer类型,表示扩展的类型。取值:'."\n" + .' - **1**:表示邮箱地址。'."\n" + .' - **2**:表示域名。'."\n" + .' - **6**:表示统一资源标志符URI(Uniform Resource Identifier)。'."\n" + .' - **7**:表示IP地址。'."\n" + .'- **Value**:String类型,表示扩展的内容。', + 'type' => 'string', + 'example' => '[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ]', + ], + 'Status' => [ + 'description' => '证书的状态。取值:'."\n" + ."\n" + .'- **ISSUE**:表示正常签发。'."\n" + .'- **REVOKE**:表示已被吊销。', + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'BeforeDate' => [ + 'description' => '证书的签发日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1634283958000', + ], + 'AfterDate' => [ + 'description' => '证书的到期日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1665819958000', + ], + 'Algorithm' => [ + 'description' => '证书的加密算法类型。取值:'."\n" + ."\n" + .'- **RSA**:表示RSA算法。'."\n" + .'- **ECC**:表示ECC算法。'."\n" + .'- **SM2**:表示SM2(国密)算法。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'KeySize' => [ + 'description' => '证书的密钥长度。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '4096', + ], + 'SignAlgorithm' => [ + 'description' => '证书的签名算法。', + 'type' => 'string', + 'example' => 'SHA256WITHRSA', + ], + 'CertificateType' => [ + 'description' => '证书的类型。取值:'."\n" + ."\n" + .'- **CLIENT**:表示客户端证书。'."\n" + .'- **SERVER**:表示服务端证书。', + 'type' => 'string', + 'example' => 'SERVER', + ], + 'ParentIdentifier' => [ + 'description' => '签发该证书的子CA证书的唯一识别码。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'Sha2' => [ + 'description' => '证书的SHA256数字指纹。', + 'type' => 'string', + 'example' => '14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****', + ], + 'Md5' => [ + 'description' => '证书的MD5数字指纹。', + 'type' => 'string', + 'example' => 'd3b95700998e47afc4d95f886579****', + ], + 'Days' => [ + 'description' => '证书的有效期。单位:天。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '365', + ], + 'ResourceGroupId' => [ + 'description' => '证书所属资源组的ID。', + 'type' => 'string', + 'example' => 'rg-acfmxllajdpw3fi', + ], + 'CertChain' => [ + 'description' => '完整的证书链。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'cert'."\n" + .'-----END CERTIFICATE-----'."\n" + .'-----BEGIN CERTIFICATE-----'."\n" + .'subCA'."\n" + .'-----END CERTIFICATE-----'."\n" + .'-----BEGIN CERTIFICATE-----'."\n" + .'rootCA'."\n" + .'-----END CERTIFICATE-----', + ], + 'CustomIdentifier' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'example' => '***3a32d96883a6650e672ea0276****', + ], + 'UploadFlag' => [ + 'description' => '表示该证书是否已同步到数字证书服务。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'FullAlgorithm' => [ + 'description' => '携带长度的算法。', + 'type' => 'string', + 'example' => 'RSA_2048', + ], + 'AliasName' => [ + 'description' => '设置签发证书的名称。', + 'type' => 'string', + 'example' => 'rsa_root_2048', + ], + 'Id' => [ + 'description' => '证书订单所属数据源ID。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1137354', + ], + 'Tags' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签值。', + 'type' => 'object', + 'properties' => [ + 'TagKey' => [ + 'description' => '标签 Key', + 'type' => 'string', + 'example' => 'testKey', + ], + 'TagValue' => [ + 'description' => '标签值。', + 'type' => 'string', + 'example' => '[{\\"tag\\":\\"PROPERTY_TYPE\\",\\"values\\":[]}]', + ], + ], + ], + 'example' => 'mtls', + ], + ], + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"Certificate\\": {\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----\\",\\n \\"Identifier\\": \\"d3b95700998e47afc4d95f886579****\\",\\n \\"SerialNumber\\": \\"62b2b943a32d96883a6650e672ea0276****\\",\\n \\"SubjectDN\\": \\"C=CN,O=Aliyun,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun\\",\\n \\"CommonName\\": \\"aliyun.com\\",\\n \\"OrganizationUnit\\": \\"Security\\",\\n \\"Organization\\": \\"Aliyun\\",\\n \\"Locality\\": \\"Hangzhou\\",\\n \\"State\\": \\"Zhejiang\\",\\n \\"CountryCode\\": \\"CN\\",\\n \\"Sans\\": \\"[ {\\\\\\"Type\\\\\\": 7, \\\\\\"Value\\\\\\": \\\\\\"192.0.XX.XX\\\\\\"}, {\\\\\\"Type\\\\\\": 2, \\\\\\"Value\\\\\\": \\\\\\"www.aliyundoc.com\\\\\\"}, ]\\",\\n \\"Status\\": \\"ISSUE\\",\\n \\"BeforeDate\\": 1634283958000,\\n \\"AfterDate\\": 1665819958000,\\n \\"Algorithm\\": \\"RSA\\",\\n \\"KeySize\\": 4096,\\n \\"SignAlgorithm\\": \\"SHA256WITHRSA\\",\\n \\"CertificateType\\": \\"SERVER\\",\\n \\"ParentIdentifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"Sha2\\": \\"14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****\\",\\n \\"Md5\\": \\"d3b95700998e47afc4d95f886579****\\",\\n \\"Days\\": 365,\\n \\"ResourceGroupId\\": \\"rg-acfmxllajdpw3fi\\",\\n \\"CertChain\\": \\"-----BEGIN CERTIFICATE-----\\\\ncert\\\\n-----END CERTIFICATE-----\\\\n-----BEGIN CERTIFICATE-----\\\\nsubCA\\\\n-----END CERTIFICATE-----\\\\n-----BEGIN CERTIFICATE-----\\\\nrootCA\\\\n-----END CERTIFICATE-----\\",\\n \\"CustomIdentifier\\": \\"***3a32d96883a6650e672ea0276****\\",\\n \\"UploadFlag\\": 1,\\n \\"FullAlgorithm\\": \\"RSA_2048\\",\\n \\"AliasName\\": \\"rsa_root_2048\\",\\n \\"Id\\": 1137354,\\n \\"Tags\\": [\\n {\\n \\"TagKey\\": \\"testKey\\",\\n \\"TagValue\\": \\"[{\\\\\\\\\\\\\\"tag\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"PROPERTY_TYPE\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"values\\\\\\\\\\\\\\":[]}]\\"\\n }\\n ]\\n },\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","errorExample":""},{"type":"xml","example":"<DescribeClientCertificateResponse>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <Certificate>\\n <Status>ISSUE</Status>\\n <SerialNumber>62b2b943a32d96883a6650e672ea0276****</SerialNumber>\\n <CertificateType>SERVER</CertificateType>\\n <Algorithm>RSA</Algorithm>\\n <State>Zhejiang</State>\\n <Organization>阿里云计算有限公司</Organization>\\n <ParentIdentifier>160ae6bb538d538c70c01f81dcf2****</ParentIdentifier>\\n <Locality>Hangzhou</Locality>\\n <Identifier>d3b95700998e47afc4d95f886579****</Identifier>\\n <Sans>[ {\\"Type\\": 7, \\"Value\\": \\"192.0.XX.XX\\"}, {\\"Type\\": 2, \\"Value\\": \\"www.aliyundoc.com\\"}, ]</Sans>\\n <Days>365</Days>\\n <KeySize>4096</KeySize>\\n <X509Certificate>-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----</X509Certificate>\\n <SubjectDN>C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun</SubjectDN>\\n <SignAlgorithm>SHA256WITHRSA</SignAlgorithm>\\n <OrganizationUnit>Security</OrganizationUnit>\\n <AfterDate>1665819958000</AfterDate>\\n <Sha2>14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****</Sha2>\\n <CommonName>aliyun.com</CommonName>\\n <Md5>d3b95700998e47afc4d95f886579****</Md5>\\n <CountryCode>CN</CountryCode>\\n <BeforeDate>1634283958000</BeforeDate>\\n </Certificate>\\n</DescribeClientCertificateResponse>","errorExample":""}]', + 'title' => '查询证书详细信息', + 'description' => '本接口用于通过证书的唯一识别码,查询单个客户端证书或服务端证书的详细信息,例如,证书的序列号、使用者信息、内容、状态等。'."\n" + ."\n" + .'调用本接口前,您必须已经创建了客户端证书或服务端证书。'."\n" + ."\n" + .'关于如何调用API创建客户端证书,请参见:'."\n" + .'- [CreateClientCertificate](~~465967~~)'."\n" + .'- [CreateClientCertificateWithCsr](~~465970~~)'."\n" + ."\n\n" + .'关于如何调用API创建服务端证书,请参见:'."\n" + .'- [CreateServerCertificate](~~465975~~)'."\n" + .'- [CreateServerCertificateWithCsr](~~465979~~)'."\n" + ."\n\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeClientCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + ], + 'DescribeClientCertificateForSerialNumber' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => true, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREcasDX3LGS', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'SerialNumber', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的客户端证书或服务端证书的序列号。多个序列号之间使用半角逗号(,)分隔。'."\n" + ."\n" + .'> 您可以调用[ListClientCertificate](~~330884~~)查询所有客户端证书和服务端证书的序列号。', + 'type' => 'string', + 'required' => true, + 'example' => '084bde9cd233f0ddae33adc438cfbbbd****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'ListCertificateResponse<CertificateWithContentDTO>', + 'description' => 'ListCertificateResponse<CertificateWithContentDTO>', + 'type' => 'object', + 'properties' => [ + 'CertificateList' => [ + 'description' => '客户端证书或服务端证书的详细信息。', + 'type' => 'array', + 'items' => [ + 'description' => '证书信息。', + 'type' => 'object', + 'properties' => [ + 'X509Certificate' => [ + 'description' => '证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----', + ], + 'Identifier' => [ + 'description' => '证书的唯一识别码。', + 'type' => 'string', + 'example' => 'd3b95700998e47afc4d95f886579****', + ], + 'SerialNumber' => [ + 'description' => '证书的序列号。', + 'type' => 'string', + 'example' => '084bde9cd233f0ddae33adc438cfbbbd****', + ], + 'SubjectDN' => [ + 'description' => '证书的DN(Distinguished Name)属性,表示证书的使用者,具体包含以下信息:'."\n" + ."\n" + .'- **C**:国家。'."\n" + .'- **O**:组织机构。'."\n" + .'- **OU**:部门。'."\n" + .'- **L**:城市。'."\n" + .'<props="china">- **ST**:省份、直辖市或自治区。</props>'."\n" + .'<props="intl">- **ST**:省份或州。</props>'."\n" + .'- **CN**:公用名。', + 'type' => 'string', + 'example' => 'C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun', + ], + 'CommonName' => [ + 'description' => '证书的公用名。', + 'type' => 'string', + 'example' => 'aliyun.com', + ], + 'OrganizationUnit' => [ + 'description' => '签发该证书的子CA证书关联的组织机构下部门的名称。', + 'type' => 'string', + 'example' => 'Security', + ], + 'Organization' => [ + 'description' => '签发该证书的子CA证书关联的组织机构的名称。', + 'type' => 'string', + 'example' => '阿里云计算有限公司', + ], + 'Locality' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在城市的名称。', + 'type' => 'string', + 'example' => 'Hangzhou', + ], + 'State' => [ + 'description' => '<props="china">签发该证书的子CA证书关联的组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">签发该证书的子CA证书关联的组织机构所在省份或州的名称。</props>', + 'type' => 'string', + 'example' => 'Zhejiang', + ], + 'CountryCode' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在国家的代码。'."\n" + ."\n" + .'关于不同国家代码的含义,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'example' => 'CN', + ], + 'Sans' => [ + 'description' => '证书的SAN(Subject Alternative Name)扩展属性,表示证书关联的其他域名、IP地址等。'."\n" + ."\n" + .'该参数使用JSON数组转化的字符串表示。JSON数组中的每个元素是一个结构体,对应一个SAN扩展。'."\n" + .'每个SAN扩展结构体包含以下参数:'."\n" + ."\n" + .'- **Type**:Integer类型,表示扩展的类型。取值:'."\n" + .' - **1**:表示邮箱地址。'."\n" + .' - **2**:表示域名。'."\n" + .' - **6**:表示统一资源标志符URI(Uniform Resource Identifier)。'."\n" + .' - **7**:表示IP地址。'."\n" + .'- **Value**:String类型,表示扩展的内容。', + 'type' => 'string', + 'example' => '[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ]', + ], + 'Status' => [ + 'description' => '证书的状态。取值:'."\n" + ."\n" + .'- **ISSUE**:表示正常签发。'."\n" + .'- **REVOKE**:表示已被吊销。', + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'BeforeDate' => [ + 'description' => '证书的签发时间。', + 'type' => 'string', + 'example' => '2021-10-28T16:15Z', + ], + 'AfterDate' => [ + 'description' => '证书的到期时间。', + 'type' => 'string', + 'example' => '2022-08-23T16:15Z', + ], + 'Algorithm' => [ + 'description' => '证书的加密算法类型。取值:'."\n" + ."\n" + .'- **RSA**:表示RSA算法。'."\n" + .'- **ECC**:表示ECC算法。'."\n" + .'- **SM2**:表示SM2(国密)算法。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'KeySize' => [ + 'description' => '证书的密钥长度。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '4096', + ], + 'SignAlgorithm' => [ + 'description' => '证书的签名算法。', + 'type' => 'string', + 'example' => 'SHA256WITHRSA', + ], + 'CertificateType' => [ + 'description' => '证书类型。', + 'type' => 'string', + 'example' => 'SUB_ROOT', + ], + 'ParentIdentifier' => [ + 'description' => '如果该参数不为空,代表该客户端证书的颁发机构为阿里云。', + 'type' => 'string', + 'example' => '1a83bcbb89e562885e40aa0108f5****', + ], + 'Sha2' => [ + 'description' => '证书的SHA256数字指纹。', + 'type' => 'string', + 'example' => '14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****', + ], + 'Md5' => [ + 'description' => '证书的MD5数字指纹。', + 'type' => 'string', + 'example' => 'd3b95700998e47afc4d95f886579****', + ], + 'Years' => [ + 'description' => '该参数已废弃。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + ], + ], + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'substitutions' => [ + 'cas::2020-06-30::DescribeClientCertificate', + ], + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeClientCertificateForSerialNumber', + 'summary' => '通过证书的序列号批量查询客户端证书或服务端证书的详细信息。', + 'description' => '# 使用说明'."\n" + ."\n" + .'本接口用于通过证书的序列号,批量查询客户端证书或服务端证书的详细信息,例如,证书的序列号、使用者信息、内容、状态等。'."\n" + ."\n" + .'调用本接口前,您必须已经创建了客户端证书或服务端证书。'."\n" + ."\n" + .'关于如何调用API创建客户端证书,请参见:'."\n" + .'- [CreateClientCertificate](~~330873~~)'."\n" + .'- [CreateClientCertificateWithCsr](~~330875~~)'."\n" + .'- [CreateCertificateWithExtension](~~328092~~)'."\n" + ."\n" + .'关于如何调用API创建服务端证书,请参见:'."\n" + .'- [CreateServerCertificate](~~330877~~)'."\n" + .'- [CreateServerCertificateWithCsr](~~330878~~)'."\n" + .'- [CreateCertificateWithExtension](~~328092~~)'."\n" + ."\n\n" + .'# QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。公共请求参数的详细介绍,请参见[公共参数](~~327167~~)。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificateForSerialNumber', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"CertificateList\\": [\\n {\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----\\",\\n \\"Identifier\\": \\"d3b95700998e47afc4d95f886579****\\",\\n \\"SerialNumber\\": \\"084bde9cd233f0ddae33adc438cfbbbd****\\",\\n \\"SubjectDN\\": \\"C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun\\",\\n \\"CommonName\\": \\"aliyun.com\\",\\n \\"OrganizationUnit\\": \\"Security\\",\\n \\"Organization\\": \\"阿里云计算有限公司\\",\\n \\"Locality\\": \\"Hangzhou\\",\\n \\"State\\": \\"Zhejiang\\",\\n \\"CountryCode\\": \\"CN\\",\\n \\"Sans\\": \\"[ {\\\\\\"Type\\\\\\": 7, \\\\\\"Value\\\\\\": \\\\\\"192.0.XX.XX\\\\\\"}, {\\\\\\"Type\\\\\\": 2, \\\\\\"Value\\\\\\": \\\\\\"www.aliyundoc.com\\\\\\"}, ]\\",\\n \\"Status\\": \\"ISSUE\\",\\n \\"BeforeDate\\": \\"2021-10-28T16:15Z\\",\\n \\"AfterDate\\": \\"2022-08-23T16:15Z\\",\\n \\"Algorithm\\": \\"RSA\\",\\n \\"KeySize\\": 4096,\\n \\"SignAlgorithm\\": \\"SHA256WITHRSA\\",\\n \\"CertificateType\\": \\"SUB_ROOT\\",\\n \\"ParentIdentifier\\": \\"1a83bcbb89e562885e40aa0108f5****\\",\\n \\"Sha2\\": \\"14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****\\",\\n \\"Md5\\": \\"d3b95700998e47afc4d95f886579****\\",\\n \\"Years\\": 1\\n }\\n ],\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","errorExample":""},{"type":"xml","example":"<DescribeClientCertificateForSerialNumberResponse>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <CertificateList>\\n <Status>ISSUE</Status>\\n <SerialNumber>084bde9cd233f0ddae33adc438cfbbbd****</SerialNumber>\\n <Algorithm>RSA</Algorithm>\\n <State>Zhejiang</State>\\n <Organization>阿里云计算有限公司</Organization>\\n <Locality>Hangzhou</Locality>\\n <Identifier>d3b95700998e47afc4d95f886579****</Identifier>\\n <Sans>[ {\\"Type\\": 7, \\"Value\\": \\"192.0.XX.XX\\"}, {\\"Type\\": 2, \\"Value\\": \\"www.aliyundoc.com\\"}, ]</Sans>\\n <KeySize>4096</KeySize>\\n <X509Certificate>-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----</X509Certificate>\\n <SubjectDN>C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun</SubjectDN>\\n <SignAlgorithm>SHA256WITHRSA</SignAlgorithm>\\n <OrganizationUnit>Security</OrganizationUnit>\\n <AfterDate>2022-08-23T16:15Z</AfterDate>\\n <Sha2>14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****</Sha2>\\n <CommonName>aliyun.com</CommonName>\\n <Md5>d3b95700998e47afc4d95f886579****</Md5>\\n <CountryCode>CN</CountryCode>\\n <BeforeDate>2021-10-28T16:15Z</BeforeDate>\\n </CertificateList>\\n</DescribeClientCertificateForSerialNumberResponse>","errorExample":""}]', + ], + 'DescribeClientCertificateStatus' => [ + 'summary' => '通过证书的唯一识别码查询客户端证书和服务端证书的状态信息。', + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83517', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的客户端证书或服务端证书的唯一识别码。多个证书识别码之间使用半角逗号(,)分隔。'."\n" + ."\n\n" + .'> 您可以调用[ListClientCertificate](~~465990~~)查询所有客户端与服务端证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'CertificateStatus' => [ + 'description' => '证书状态的详细信息。', + 'type' => 'array', + 'items' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'SerialNumber' => [ + 'description' => '证书的序列号。', + 'type' => 'string', + 'example' => 'b67e53ebcea9b77d65b0c3236646d715****', + ], + 'Status' => [ + 'description' => '证书的当前状态。取值:'."\n" + ."\n" + .'- **good**:表示该证书未被吊销。'."\n" + .'- **revoked**:表示该证书已被吊销。'."\n" + .'- **unknown**:表示服务器不能判断该证书的状态。', + 'type' => 'string', + 'example' => 'good', + ], + 'RevokeTime' => [ + 'description' => '证书被吊销的日期。'."\n" + ."\n" + .'> 只有当**Status**为**revoked**(表示证书已被吊销)时,才会返回该参数。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '2021-01-01T00:00Z', + ], + ], + ], + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询证书的状态信息', + 'description' => '本接口用于通过证书的唯一识别码,批量查询客户端证书或服务端证书的状态,例如,证书是否已被吊销。'."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeClientCertificateStatus', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificateStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"CertificateStatus\\": [\\n {\\n \\"SerialNumber\\": \\"b67e53ebcea9b77d65b0c3236646d715****\\",\\n \\"Status\\": \\"good\\",\\n \\"RevokeTime\\": 0\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeClientCertificateStatusForSerialNumber' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83518', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'SerialNumber', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的客户端证书或服务端证书的序列号。多个证书序列号之间使用半角逗号(,)分隔。'."\n" + ."\n\n" + .'> 您可以调用[ListClientCertificate](~~330884~~)查询所有客户端与服务端证书的序列号。', + 'type' => 'string', + 'required' => true, + 'example' => 'b67e53ebcea9b77d65b0c3236646d715****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'CertificateStatus' => [ + 'description' => '证书状态的详细信息。', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'SerialNumber' => [ + 'description' => '证书的序列号。', + 'type' => 'string', + 'example' => 'b67e53ebcea9b77d65b0c3236646d715****', + ], + 'Status' => [ + 'description' => '证书的当前状态。取值:'."\n" + ."\n" + .'- **good**:表示该证书未被吊销。'."\n" + .'- **revoked**:表示该证书已被吊销。'."\n" + .'- **unknown**:表示服务器不能判断该证书的状态。', + 'type' => 'string', + 'example' => 'good', + ], + 'RevokeTime' => [ + 'description' => '证书被吊销的日期。'."\n" + ."\n" + .'> 只有当**Status**为**revoked**(表示证书已被吊销)时,才会返回该参数。'."\n", + 'type' => 'integer', + 'format' => 'int64', + 'example' => '2021-01-01T00:00', + ], + ], + 'description' => '', + ], + ], + ], + 'description' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeClientCertificateStatusForSerialNumber', + 'summary' => '通过证书的序列号查询客户端证书和服务端证书的状态信息。', + 'description' => '# 使用说明'."\n" + ."\n" + .'本接口用于通过证书的序列号,批量查询客户端证书或服务端证书的状态,例如,证书是否已被吊销。'."\n" + ."\n\n" + .'# QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。公共请求参数的详细介绍,请参见[公共参数](~~327167~~)。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificateStatusForSerialNumber', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"CertificateStatus\\": [\\n {\\n \\"SerialNumber\\": \\"b67e53ebcea9b77d65b0c3236646d715****\\",\\n \\"Status\\": \\"good\\",\\n \\"RevokeTime\\": 0\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<DescribeClientCertificateStatusForSerialNumberResponse>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <CertificateStatus>\\n <SerialNumber>b67e53ebcea9b77d65b0c3236646d715****</SerialNumber>\\n <Status>good</Status>\\n </CertificateStatus>\\n</DescribeClientCertificateStatusForSerialNumberResponse>","errorExample":""}]', + ], + 'DescribePcaAndExternalCACertificateList' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => true, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + ], + 'parameters' => [ + [ + 'name' => 'CurrentPage', + 'in' => 'query', + 'schema' => [ + 'description' => '当前页码。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'ShowSize', + 'in' => 'query', + 'schema' => [ + 'description' => '指定每页显示多少条记录。默认值为50。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '50', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'CurrentPage' => [ + 'description' => '当前页码。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'RequestId' => [ + 'description' => '结果的请求id。', + 'type' => 'string', + 'example' => 'CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D', + ], + 'TotalCount' => [ + 'description' => '总记录数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '10', + ], + 'PageCount' => [ + 'description' => '列表条目数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'ShowSize' => [ + 'description' => '指定每页显示多少条记录。默认值为50。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '10', + ], + 'CertificateList' => [ + 'description' => '证书显示列表。', + 'type' => 'array', + 'items' => [ + 'description' => '证书显示列表。', + 'type' => 'object', + 'properties' => [ + 'Years' => [ + 'description' => '证书购买年限。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '3', + ], + 'Status' => [ + 'description' => '证书状态。取值:-**payed**:已付款-**checking**:审核中-**issued**:已签发-**revoked**:已吊销-**checked_fail**:审核失败', + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'SerialNumber' => [ + 'description' => '证书序列号。', + 'type' => 'string', + 'example' => '62b2b943a32d96883a6650e672ea0276****', + ], + 'CertificateType' => [ + 'description' => '证书类型。', + 'type' => 'string', + 'example' => 'SUB_ROOT', + ], + 'Algorithm' => [ + 'description' => '证书id。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'State' => [ + 'description' => '证书状态。-**success**:已生效-**checking**:检测域名是否在阿里云全站加速-**cname_error**:域名没有切到阿里云全球加速实例-**domain_invalid**:域名包含非法字符-**unsupport_wildcard**:不支持泛域名', + 'type' => 'string', + 'example' => 'Zhejiang', + ], + 'Organization' => [ + 'description' => '证书组织。', + 'type' => 'string', + 'example' => '阿里云计算有限公司', + ], + 'ParentIdentifier' => [ + 'description' => '父证书id。', + 'type' => 'string', + 'example' => '1a83bcbb89e562885e40aa0108f5****', + ], + 'Locality' => [ + 'description' => '证书绑定的主域名。', + 'type' => 'string', + 'example' => 'Hangzhou', + ], + 'Identifier' => [ + 'description' => '证书id。', + 'type' => 'string', + 'example' => '05e148d8d3ecc9976d9ecd2b2f25****', + ], + 'Sans' => [ + 'description' => '证书绑定的所有域名。', + 'type' => 'string', + 'example' => '[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ]', + ], + 'KeySize' => [ + 'description' => '证书key的大小,单位gb。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '2048', + ], + 'X509Certificate' => [ + 'description' => 'x09证书。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----', + ], + 'SubjectDN' => [ + 'description' => '证书主体(拥有者),采用dn标识。', + 'type' => 'string', + 'example' => 'C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun', + ], + 'SignAlgorithm' => [ + 'description' => '证书签名算法,取值:-**prefix**:前缀验证。-**match**:完全匹配。-**any**:全部匹配。', + 'type' => 'string', + 'example' => 'SHA256WITHRSA', + ], + 'OrganizationUnit' => [ + 'description' => '证书颁发机构。', + 'type' => 'string', + 'example' => 'Security', + ], + 'AfterDate' => [ + 'description' => '证书到期时间。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '2022-08-23T16:15Z', + ], + 'Sha2' => [ + 'description' => '证书绑定的主域名。', + 'type' => 'string', + 'example' => '14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****', + ], + 'CommonName' => [ + 'description' => '证书绑定的主域名。', + 'type' => 'string', + 'example' => 'aliyun.com', + ], + 'Md5' => [ + 'description' => '证书绑定的md5值。', + 'type' => 'string', + 'example' => '05e148d8d3ecc9976d9ecd2b2f25****', + ], + 'CountryCode' => [ + 'description' => '证书国家标准编码。', + 'type' => 'string', + 'example' => 'CN', + ], + 'BeforeDate' => [ + 'description' => '证书签发时间。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '2021-01-01T00:00Z', + ], + ], + ], + ], + ], + 'description' => '', + ], + ], + ], + 'staticInfo' => [ + 'substitutions' => [ + 'cas::2020-06-30::ListAllEndEntityInstance', + ], + ], + 'title' => '获取ipa证书列表', + 'summary' => '返回用户所有CaCertificate,包括PCA内部产生的与导入的外部证书。', + 'description' => '本接口用于分页查询您已创建的所有CA证书(包括根CA证书和子CA证书)的详细信息,例如,CA证书的唯一识别码、序列号、使用者信息、证书内容等。'."\n" + ."\n\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribePcaAndExternalCACertificateList', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"CurrentPage\\": 1,\\n \\"RequestId\\": \\"CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D\\",\\n \\"TotalCount\\": 10,\\n \\"PageCount\\": 1,\\n \\"ShowSize\\": 10,\\n \\"CertificateList\\": [\\n {\\n \\"Years\\": 3,\\n \\"Status\\": \\"ISSUE\\",\\n \\"SerialNumber\\": \\"62b2b943a32d96883a6650e672ea0276****\\",\\n \\"CertificateType\\": \\"SUB_ROOT\\",\\n \\"Algorithm\\": \\"RSA\\",\\n \\"State\\": \\"Zhejiang\\",\\n \\"Organization\\": \\"阿里云计算有限公司\\",\\n \\"ParentIdentifier\\": \\"1a83bcbb89e562885e40aa0108f5****\\",\\n \\"Locality\\": \\"Hangzhou\\",\\n \\"Identifier\\": \\"05e148d8d3ecc9976d9ecd2b2f25****\\",\\n \\"Sans\\": \\"[ {\\\\\\"Type\\\\\\": 7, \\\\\\"Value\\\\\\": \\\\\\"192.0.XX.XX\\\\\\"}, {\\\\\\"Type\\\\\\": 2, \\\\\\"Value\\\\\\": \\\\\\"www.aliyundoc.com\\\\\\"}, ]\\",\\n \\"KeySize\\": 2048,\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----\\",\\n \\"SubjectDN\\": \\"C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun\\",\\n \\"SignAlgorithm\\": \\"SHA256WITHRSA\\",\\n \\"OrganizationUnit\\": \\"Security\\",\\n \\"AfterDate\\": 0,\\n \\"Sha2\\": \\"14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****\\",\\n \\"CommonName\\": \\"aliyun.com\\",\\n \\"Md5\\": \\"05e148d8d3ecc9976d9ecd2b2f25****\\",\\n \\"CountryCode\\": \\"CN\\",\\n \\"BeforeDate\\": 0\\n }\\n ]\\n}","type":"json"}]', + ], + 'GetCAInstanceStatus' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83519', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的私有CA实例的ID。'."\n" + ."\n" + .'> 您在[数字证书管理服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买私有CA实例后,可以在**私有证书**页面,通过查看私有CA实例的**详情**,获取私有CA实例的ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'cas-member-0hmi****', + ], + ], + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的客户端证书或服务端证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[ListClientCertificate](~~330884~~)查询所有客户端证书和服务端证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '25589516-2A56-5159-AB88-4A1D9824E183', + ], + 'InstanceStatusList' => [ + 'description' => '私有CA实例的状态详情。', + 'type' => 'array', + 'items' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'CertTotalCount' => [ + 'description' => '私有CA实例能够签发证书的数量。'."\n" + ."\n" + .'对于私有根CA实例(**Type**为**ROOT**),该参数表示能够签发的子CA证书的数量。'."\n" + .'对于私有子CA实例(**Type**为**SUB_ROOT**),该参数表示能够签发的客户端证书和服务端证书的总数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '10', + ], + 'Status' => [ + 'description' => '私有CA实例的状态。取值:'."\n" + ."\n" + .'- **BUY**:表示已购买但是未启用。'."\n" + .'- **USED**:表示已启用。'."\n" + .'- **REFUND**:表示已退款。'."\n" + .'- **REVOKE**:表示已被吊销。', + 'type' => 'string', + 'example' => 'USED', + ], + 'Type' => [ + 'description' => '私有CA实例的类型。取值:'."\n" + ."\n" + .'- **ROOT**:表示根CA实例。'."\n" + .'- **SUB_ROOT**:表示子CA实例。', + 'type' => 'string', + 'example' => 'ROOT', + ], + 'CertIssuedCount' => [ + 'description' => '私有CA实例已经签发证书的数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'BeforeTime' => [ + 'description' => '私有CA证书的签发日期。使用时间戳表示,单位:毫秒。'."\n" + ."\n" + .'> 只有当**Status**为**USED**(表示私有CA实例已启用)或**REVOKE**(表示私有CA实例已被吊销)时,才会返回该参数。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1635177600000', + ], + 'Identifier' => [ + 'description' => '私有CA证书的唯一标识码。'."\n" + ."\n" + .'> 只有当**Status**为**USED**(表示私有CA实例已启用)或**REVOKE**(表示私有CA实例已被吊销)时,才会返回该参数。', + 'type' => 'string', + 'example' => 'a7bb2dd212a2112128cd5cc9b753****', + ], + 'AfterTime' => [ + 'description' => '私有CA证书的到期日期。使用时间戳格式表示,单位:毫秒。'."\n" + ."\n" + .'> 只有当**Status**为**USED**(表示私有CA实例已启用)或**REVOKE**(表示私有CA实例已被吊销)时,才会返回该参数。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1792944000000', + ], + 'InstanceId' => [ + 'description' => '私有CA实例的ID。', + 'type' => 'string', + 'example' => 'cas-member-0hmi****', + ], + 'UseExpireTime' => [ + 'description' => '私有CA实例的到期日期。使用时间戳表示,单位:毫秒。'."\n" + ."\n" + .'> 该参数对应您在购买私有CA实例时选择的购买时长,即PCA服务的时长。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1637251200000', + ], + ], + ], + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询CA实例的状态信息', + 'summary' => '查询您通过SSL证书服务控制台购买的私有根CA实例或私有子CA实例的状态信息。', + 'description' => '本接口用于通过私有CA实例的ID,查询您通过SSL证书服务控制台购买的私有CA实例的状态信息,例如,CA实例的状态、包含的证书数量、已签发的证书数量等。'."\n" + ."\n" + .'调用本接口前,您必须已经通过[数字证书管理服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买了私有CA。具体操作,请参见[购买私有CA](~~208553~~)。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetCAInstanceStatus', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:GetCAInstanceStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"25589516-2A56-5159-AB88-4A1D9824E183\\",\\n \\"InstanceStatusList\\": [\\n {\\n \\"CertTotalCount\\": 10,\\n \\"Status\\": \\"USED\\",\\n \\"Type\\": \\"ROOT\\",\\n \\"CertIssuedCount\\": 1,\\n \\"BeforeTime\\": 1635177600000,\\n \\"Identifier\\": \\"a7bb2dd212a2112128cd5cc9b753****\\",\\n \\"AfterTime\\": 1792944000000,\\n \\"InstanceId\\": \\"cas-member-0hmi****\\",\\n \\"UseExpireTime\\": 1637251200000\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<GetCAInstanceStatusResponse>\\n <RequestId>25589516-2A56-5159-AB88-4A1D9824E183</RequestId>\\n <InstanceStatusList>\\n <Status>USED</Status>\\n <Type>ROOT</Type>\\n <Identifier>a7bb2dd212a2112128cd5cc9b753****</Identifier>\\n <InstanceId>cas-member-0hmi****</InstanceId>\\n <BeforeTime>1635177600000</BeforeTime>\\n <UseExpireTime>1637251200000</UseExpireTime>\\n <AfterTime>1792944000000</AfterTime>\\n <CertTotalCount>10</CertTotalCount>\\n <CertIssuedCount>1</CertIssuedCount>\\n </InstanceStatusList>\\n <InstanceStatusList>\\n <Status>USED</Status>\\n <Type>SUB_ROOT</Type>\\n <Identifier>93b09902767679da31f23adc9513****</Identifier>\\n <InstanceId>cas-member-0hmi****</InstanceId>\\n <BeforeTime>1635177600000</BeforeTime>\\n <UseExpireTime>1637251200000</UseExpireTime>\\n <AfterTime>1792944000000</AfterTime>\\n <CertTotalCount>10</CertTotalCount>\\n <CertIssuedCount>1</CertIssuedCount>\\n </InstanceStatusList>\\n</GetCAInstanceStatusResponse>","errorExample":""}]', + ], + 'ListAllEndEntityInstance' => [ + 'summary' => '查询终端实例', + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '121135', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'ParentId', + 'in' => 'query', + 'schema' => [ + 'description' => '父实例id。', + 'type' => 'integer', + 'format' => 'int64', + 'required' => false, + 'example' => '37633', + ], + ], + [ + 'name' => 'RecursiveChildren', + 'in' => 'query', + 'schema' => [ + 'description' => '指定显示返回结果中的收费类型信息,取值:-**0**:不返回。-**1**:返回。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '9', + ], + ], + [ + 'name' => 'CurrentPage', + 'in' => 'query', + 'schema' => [ + 'description' => '实例列表的页码。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'ShowSize', + 'in' => 'query', + 'schema' => [ + 'description' => '分页查询时,显示的每页数据的最大条数。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '20', + ], + ], + [ + 'name' => 'MaxResults', + 'in' => 'query', + 'schema' => [ + 'description' => '本次读取的最大数据量。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'maximum' => '1000', + 'minimum' => '0', + 'example' => '20', + ], + ], + [ + 'name' => 'NextToken', + 'in' => 'query', + 'schema' => [ + 'description' => '下一个查询开始Token,NextToken为空说明没有下一个。', + 'type' => 'string', + 'required' => false, + 'example' => '1d2db86sca4384811e0b5e8707e68181f', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'OpenApiResponse<PagedResultData<Map<String, Object>>>', + 'description' => 'OpenApiResponse<PagedResultData<Map<String, Object>>>', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '请求id。', + 'type' => 'string', + 'example' => '443C05A8-6C16-52B5-BB97-5D8798F7A49A', + ], + 'TotalCount' => [ + 'description' => '总记录数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '23', + ], + 'PageCount' => [ + 'description' => '总页数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'CurrentPage' => [ + 'description' => '实例列表的页码。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'ShowSize' => [ + 'description' => '分页查询时,显示的每页数据的最大条数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '10', + ], + 'List' => [ + 'description' => '实例列表。', + 'type' => 'array', + 'items' => [ + 'description' => '实例列表。', + 'type' => 'object', + 'additionalProperties' => [ + 'type' => 'any', + 'description' => '终端实例详情。', + 'example' => "\n" + .' {'."\n" + .' "CurrentYearFreeCertCount": 0,'."\n" + .' "ParentId": 36739,'."\n" + .' "Trial": false,'."\n" + .' "InstanceId": "cas_deposit-cn-XXX",'."\n" + .' "IssuedCertCount": 29,'."\n" + .' "Algorithm": "RSA",'."\n" + .' "Gift": true,'."\n" + .' "AliasName": "pca-subordinate-XXX",'."\n" + .' "CertCount": 60,'."\n" + .' "CurrentYearIssuedFreeCertCount": 0,'."\n" + .' "Id": 36740,'."\n" + .' "HistoricalIssuedFreeCertCount": 0,'."\n" + .' "Detail": {'."\n" + .' "Identifier": "1f0d426f-8645-62ef-9bd1-XXX",'."\n" + .' "Organization": "a",'."\n" + .' "SerialNumber": "XXX",'."\n" + .' "OrganizationUnit": "a",'."\n" + .' "SubjectDN": "C=AE,ST=a,L=a,O=a,OU=a,CN=a",'."\n" + .' "CommonName": "a"'."\n" + .' }'."\n" + .' }'."\n" + .' ', + ], + ], + ], + 'NextToken' => [ + 'description' => '下一个查询开始Token,NextToken为空说明没有下一个。', + 'type' => 'string', + 'example' => '1d2db86sca4384811e0b5e8707e68181f', + ], + 'MaxResults' => [ + 'description' => '本次读取的最大数据量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '获取可分配证书的终端CA', + 'description' => '本接口用于通过私有CA实例的ID,查询您通过SSL证书服务控制台购买的私有CA实例的状态信息,例如,CA实例的状态、包含的证书数量、已签发的证书数量等。'."\n" + ."\n" + .'调用本接口前,您必须已经通过[数字证书管理服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买了私有CA。具体操作,请参见[购买私有CA](~~208553~~)。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListAllEndEntityInstance', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"443C05A8-6C16-52B5-BB97-5D8798F7A49A\\",\\n \\"TotalCount\\": 23,\\n \\"PageCount\\": 1,\\n \\"CurrentPage\\": 1,\\n \\"ShowSize\\": 10,\\n \\"List\\": [\\n {\\n \\"key\\": \\"\\\\n {\\\\n \\\\\\"CurrentYearFreeCertCount\\\\\\": 0,\\\\n \\\\\\"ParentId\\\\\\": 36739,\\\\n \\\\\\"Trial\\\\\\": false,\\\\n \\\\\\"InstanceId\\\\\\": \\\\\\"cas_deposit-cn-XXX\\\\\\",\\\\n \\\\\\"IssuedCertCount\\\\\\": 29,\\\\n \\\\\\"Algorithm\\\\\\": \\\\\\"RSA\\\\\\",\\\\n \\\\\\"Gift\\\\\\": true,\\\\n \\\\\\"AliasName\\\\\\": \\\\\\"pca-subordinate-XXX\\\\\\",\\\\n \\\\\\"CertCount\\\\\\": 60,\\\\n \\\\\\"CurrentYearIssuedFreeCertCount\\\\\\": 0,\\\\n \\\\\\"Id\\\\\\": 36740,\\\\n \\\\\\"HistoricalIssuedFreeCertCount\\\\\\": 0,\\\\n \\\\\\"Detail\\\\\\": {\\\\n \\\\\\"Identifier\\\\\\": \\\\\\"1f0d426f-8645-62ef-9bd1-XXX\\\\\\",\\\\n \\\\\\"Organization\\\\\\": \\\\\\"a\\\\\\",\\\\n \\\\\\"SerialNumber\\\\\\": \\\\\\"XXX\\\\\\",\\\\n \\\\\\"OrganizationUnit\\\\\\": \\\\\\"a\\\\\\",\\\\n \\\\\\"SubjectDN\\\\\\": \\\\\\"C=AE,ST=a,L=a,O=a,OU=a,CN=a\\\\\\",\\\\n \\\\\\"CommonName\\\\\\": \\\\\\"a\\\\\\"\\\\n }\\\\n }\\\\n \\"\\n }\\n ],\\n \\"NextToken\\": \\"1d2db86sca4384811e0b5e8707e68181f\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', + ], + 'ListCACertificateLog' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83520', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的CA证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[DescribeCACertificateList](~~328095~~)查询所有CA证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'LogList' => [ + 'description' => 'CA证书的操作日志列表。', + 'type' => 'array', + 'items' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'Identifier' => [ + 'description' => 'CA证书的唯一识别码。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'Content' => [ + 'description' => '操作内容描述。', + 'type' => 'string', + 'example' => 'add sub-root ca', + ], + 'CreateTime' => [ + 'description' => '操作时间。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1634539509000', + ], + 'OpType' => [ + 'description' => '操作类型。取值:'."\n" + ."\n" + .'- **ADD**:表示创建CA证书。'."\n" + .'- **UPDATE**:表示修改CA证书的状态。', + 'type' => 'string', + 'example' => 'ADD', + ], + ], + ], + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询CA证书的操作日志', + 'summary' => '查询CA证书的操作日志。', + 'description' => '本接口用于查询CA证书(包括根CA证书和子CA证书)的操作日志,例如,CA证书的创建日志、状态修改日志。'."\n" + ."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListCACertificateLog', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"LogList\\": [\\n {\\n \\"Identifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"Content\\": \\"add sub-root ca\\",\\n \\"CreateTime\\": 1634539509000,\\n \\"OpType\\": \\"ADD\\"\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<ListCACertificateLogResponse>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <LogList>\\n <Identifier>160ae6bb538d538c70c01f81dcf2****</Identifier>\\n <Content>add sub-root ca</Content>\\n <CreateTime>1634539509000</CreateTime>\\n <OpType>ADD</OpType>\\n </LogList>\\n</ListCACertificateLogResponse>","errorExample":""}]', + ], + 'ListCert' => [ + 'summary' => '获取证书列表。', + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '158822', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'InstanceUuid', + 'in' => 'query', + 'schema' => [ + 'description' => '实例的uuid。', + 'type' => 'string', + 'required' => false, + 'example' => '1ef79512-569b-6a4e-9105-9b91473562f7', + ], + ], + [ + 'name' => 'BeforeDate', + 'in' => 'query', + 'schema' => [ + 'description' => '证书的修改时间。', + 'type' => 'string', + 'required' => false, + 'example' => '2025-09-04', + ], + ], + [ + 'name' => 'AfterDate', + 'in' => 'query', + 'schema' => [ + 'description' => '证书绑定的主机记录。', + 'type' => 'string', + 'required' => false, + 'example' => '2024-05-13 12:59:45', + ], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => [ + 'description' => '证书状态。取值:'."\n" + ."\n" + .'- ISSUE:正常。'."\n" + .'- REVOKE:已吊销。', + 'type' => 'string', + 'required' => false, + 'example' => 'ISSUE', + ], + ], + [ + 'name' => 'Type', + 'in' => 'query', + 'schema' => [ + 'description' => '证书类型。取值:'."\n" + ."\n" + .'- SERVER:服务端证书。'."\n" + .'- CLIENT:客户端证书。'."\n" + .'- END_ENTITY:终端证书。', + 'type' => 'string', + 'required' => false, + 'example' => 'CLIENT', + ], + ], + [ + 'name' => 'CurrentPage', + 'in' => 'query', + 'schema' => [ + 'description' => '当前页的页码。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'ShowSize', + 'in' => 'query', + 'schema' => [ + 'description' => '证书的总大小。单位:字节。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '50', + ], + ], + [ + 'name' => 'MaxResults', + 'in' => 'query', + 'schema' => [ + 'description' => '本次读取的最大数据量。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '20', + ], + ], + [ + 'name' => 'NextToken', + 'in' => 'query', + 'schema' => [ + 'description' => '下一个查询开始Token,NextToken为空说明没有下一个。', + 'type' => 'string', + 'required' => false, + 'example' => '1d2db86sca4384811e0b5e8707e68181f', + ], + ], + [ + 'name' => 'ParentIdentifier', + 'in' => 'query', + 'schema' => [ + 'description' => 'CA标识。标识签发证书的中间CA。', + 'type' => 'string', + 'required' => false, + 'example' => '273ae6bb538d538c70c01f81jh2****', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'OpenApiResponse<PagedResultData<CertificateMeta>>', + 'description' => 'OpenApiResponse<PagedResultData<CertificateMeta>>', + 'type' => 'object', + 'properties' => [ + 'TotalCount' => [ + 'description' => '证书总数。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '10', + ], + 'PageCount' => [ + 'description' => '页码数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'CurrentPage' => [ + 'description' => '当前页码。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'ShowSize' => [ + 'description' => '证书的总大小。单位:字节。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '50', + ], + 'List' => [ + 'description' => '证书所属数据源id。', + 'type' => 'array', + 'items' => [ + 'description' => '证书信息。', + 'type' => 'object', + 'properties' => [ + 'Status' => [ + 'description' => '证书状态。取值:'."\n" + ."\n" + .'- ISSUE:正常。'."\n" + .'- REVOKE:已吊销。', + 'type' => 'string', + 'example' => 'complete', + ], + 'AfterDate' => [ + 'description' => '证书到期时间。', + 'type' => 'string', + 'example' => '2024-05-13 12:59:45', + ], + 'Organization' => [ + 'description' => '证书组织。', + 'type' => 'string', + 'example' => 'test', + ], + 'KeyExportable' => [ + 'description' => '是否可以使用该证书。取值:'."\n" + ."\n" + .'- true:可以使用。'."\n" + .'- false:不可以使用。', + 'type' => 'boolean', + ], + 'SubjectDn' => [ + 'description' => '订阅关系id。', + 'type' => 'string', + 'example' => 'SubjectDn', + ], + 'Algorithm' => [ + 'description' => '算法类型。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'CertificateType' => [ + 'description' => '证书类型。取值:'."\n" + ."\n" + .'- free:免费证书。'."\n" + .'- cas:云盾证书。'."\n" + .'- upload:自定义上传。', + 'type' => 'string', + 'example' => 'Server', + ], + 'Identifier' => [ + 'description' => '证书标识。', + 'type' => 'string', + 'example' => '1ef539a8-1e1f-6b88-8c11-21cf01a203e9', + ], + 'SerialNumber' => [ + 'description' => '证书序列号。', + 'type' => 'string', + 'example' => '3a3ee3c3597d675e', + ], + 'Extra' => [ + 'description' => '扩展字段。', + 'type' => 'string', + 'example' => '{"appId":"APP_PFHMIGUHKDUW6S3N7ZL2"}', + ], + 'OrganizationUnit' => [ + 'description' => '购买证书的用户所属的公司或组织名称。', + 'type' => 'string', + 'example' => 'IT', + ], + 'BeforeTime' => [ + 'description' => '客户端证书的签发时间,使用时间戳格式,默认为您调用该接口的时间。单位:毫秒。'."\n" + ."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1728921600000', + ], + 'AliasName' => [ + 'description' => '设置签发证书的名称。', + 'type' => 'string', + 'example' => 'test', + ], + 'AfterTime' => [ + 'description' => '客户端证书的服务到期时间,使用时间戳格式。单位:毫秒。'."\n" + .'>**BeforeTime**和**AfterTime**参数必须同时为空或者同时设置。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1728921600000', + ], + 'Id' => [ + 'description' => '证书订单所属数据源ID。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1806958', + ], + 'Tags' => [ + 'description' => '证书标签。', + 'type' => 'array', + 'items' => [ + 'description' => '证书标签。', + 'type' => 'string', + 'example' => '{"app-57074":"test"}', + ], + ], + 'CommonName' => [ + 'description' => '证书绑定的主域名。', + 'type' => 'string', + 'example' => 'www.kfsjn.xyz', + ], + 'BeforeDate' => [ + 'description' => '证书签发时间。', + 'type' => 'string', + 'example' => '2026-05-19', + ], + 'CustomIdentifier' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'example' => '***b86sca4384811e0b5e8707e68***', + ], + ], + ], + ], + 'RequestId' => [ + 'description' => '请求id。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'NextToken' => [ + 'description' => '下一个查询开始Token,NextToken为空说明没有下一个。', + 'type' => 'string', + 'example' => '1d2db86sca4384811e0b5e8707e68181f', + ], + 'MaxResults' => [ + 'description' => '本次读取的最大数据量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询CA签发的证书列表', + 'description' => '本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"PageCount\\": 1,\\n \\"CurrentPage\\": 1,\\n \\"ShowSize\\": 50,\\n \\"List\\": [\\n {\\n \\"Status\\": \\"complete\\",\\n \\"AfterDate\\": \\"2024-05-13 12:59:45\\",\\n \\"Organization\\": \\"test\\",\\n \\"KeyExportable\\": true,\\n \\"SubjectDn\\": \\"SubjectDn\\",\\n \\"Algorithm\\": \\"RSA\\",\\n \\"CertificateType\\": \\"Server\\",\\n \\"Identifier\\": \\"1ef539a8-1e1f-6b88-8c11-21cf01a203e9\\",\\n \\"SerialNumber\\": \\"3a3ee3c3597d675e\\",\\n \\"Extra\\": \\"{\\\\\\"appId\\\\\\":\\\\\\"APP_PFHMIGUHKDUW6S3N7ZL2\\\\\\"}\\",\\n \\"OrganizationUnit\\": \\"IT\\",\\n \\"BeforeTime\\": 1728921600000,\\n \\"AliasName\\": \\"test\\",\\n \\"AfterTime\\": 1728921600000,\\n \\"Id\\": 1806958,\\n \\"Tags\\": [\\n \\"{\\\\\\"app-57074\\\\\\":\\\\\\"test\\\\\\"}\\"\\n ],\\n \\"CommonName\\": \\"www.kfsjn.xyz\\",\\n \\"BeforeDate\\": \\"2026-05-19\\",\\n \\"CustomIdentifier\\": \\"***b86sca4384811e0b5e8707e68***\\"\\n }\\n ],\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"NextToken\\": \\"1d2db86sca4384811e0b5e8707e68181f\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', + ], + 'ListClientCertificate' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83521', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'CurrentPage', + 'in' => 'query', + 'schema' => [ + 'description' => '分页查询时,设置当前页面的页码。默认值为**1**。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'ShowSize', + 'in' => 'query', + 'schema' => [ + 'description' => '分页查询时,设置每页显示证书的数量。默认值为**20**。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '20', + ], + ], + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的客户端证书或服务端证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[ListClientCertificate](~~330884~~)查询所有客户端证书和服务端证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源组ID。此ID可通过调用[ListResources](~~2716559~~)接口获取。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-ae******4wia', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'ListCertificateResponse2<CertificateWithContentDTO>', + 'description' => 'ListCertificateResponse2<CertificateWithContentDTO>', + 'type' => 'object', + 'properties' => [ + 'CertificateList' => [ + 'description' => '客户端证书或服务端证书的详情列表。', + 'type' => 'array', + 'items' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'X509Certificate' => [ + 'description' => '证书的内容。', + 'type' => 'string', + 'example' => '-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----', + ], + 'Identifier' => [ + 'description' => '证书的唯一识别码。', + 'type' => 'string', + 'example' => 'd3b95700998e47afc4d95f886579****', + ], + 'SerialNumber' => [ + 'description' => '证书的序列号。', + 'type' => 'string', + 'example' => '62b2b943a32d96883a6650e672ea0276****', + ], + 'SubjectDN' => [ + 'description' => '证书的DN(Distinguished Name)属性,表示证书的使用者,具体包含以下信息:'."\n" + ."\n" + .'- **C**:国家。'."\n" + .'- **O**:组织机构。'."\n" + .'- **OU**:部门。'."\n" + .'- **L**:城市。'."\n" + .'<props="china">- **ST**:省份、直辖市或自治区。</props>'."\n" + .'<props="intl">- **ST**:省份或州。</props>'."\n" + .'- **CN**:公用名。', + 'type' => 'string', + 'example' => 'C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun', + ], + 'CommonName' => [ + 'description' => '证书的公用名。', + 'type' => 'string', + 'example' => 'aliyundoc.com', + ], + 'OrganizationUnit' => [ + 'description' => '签发该证书的子CA证书关联的组织机构下部门的名称。', + 'type' => 'string', + 'example' => 'Security', + ], + 'Organization' => [ + 'description' => '签发该证书的子CA证书关联的组织机构的名称。', + 'type' => 'string', + 'example' => '阿里云计算有限公司', + ], + 'Locality' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在城市的名称。', + 'type' => 'string', + 'example' => 'Hangzhou', + ], + 'State' => [ + 'description' => '<props="china">签发该证书的子CA证书关联的组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">签发该证书的子CA证书关联的组织机构所在省份或州的名称。</props>', + 'type' => 'string', + 'example' => 'Zhejiang', + ], + 'CountryCode' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在国家的代码。'."\n" + ."\n" + .'关于不同国家代码的含义,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'example' => 'CN', + ], + 'Sans' => [ + 'description' => '证书的SAN(Subject Alternative Name)扩展属性,表示证书关联的其他域名、IP地址等。'."\n" + ."\n" + .'该参数使用JSON数组转化的字符串表示。JSON数组中的每个元素是一个结构体,对应一个SAN扩展。'."\n" + .'每个SAN扩展结构体包含以下参数:'."\n" + ."\n" + .'- **Type**:Integer类型,表示扩展的类型。取值:'."\n" + .' - **1**:表示邮箱地址。'."\n" + .' - **2**:表示域名。'."\n" + .' - **6**:表示统一资源标识符URI(Uniform Resource Identifier)。'."\n" + .' - **7**:表示IP地址。'."\n" + .'- **Value**:String类型,表示扩展的内容。', + 'type' => 'string', + 'example' => '[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ]', + ], + 'Status' => [ + 'description' => '证书的状态。取值:'."\n" + ."\n" + .'- **ISSUE**:表示正常签发。'."\n" + .'- **REVOKE**:表示已被吊销。', + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'BeforeDate' => [ + 'description' => '证书的签发日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1634283958000', + ], + 'AfterDate' => [ + 'description' => '证书的到期日期。使用时间戳表示,单位:毫秒。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1665819958000', + ], + 'Algorithm' => [ + 'description' => '证书的加密算法类型。取值:'."\n" + ."\n" + .'- **RSA**:表示RSA算法。'."\n" + .'- **ECC**:表示ECC算法。'."\n" + .'- **SM2**:表示SM2(国密)算法。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'KeySize' => [ + 'description' => '证书的密钥长度。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '4096', + ], + 'SignAlgorithm' => [ + 'description' => '证书的签名算法。', + 'type' => 'string', + 'example' => 'SHA256WITHRSA', + ], + 'CertificateType' => [ + 'description' => '证书的类型。取值:'."\n" + ."\n" + .'- **CLIENT**:表示客户端证书。'."\n" + .'- **SERVER**:表示服务端证书。', + 'type' => 'string', + 'example' => 'SERVER', + ], + 'ParentIdentifier' => [ + 'description' => '签发该证书的子CA证书的唯一识别码。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'Sha2' => [ + 'description' => '证书的SHA256数字指纹。', + 'type' => 'string', + 'example' => '14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****', + ], + 'Md5' => [ + 'description' => '证书的MD5数字指纹。', + 'type' => 'string', + 'example' => 'd3b95700998e47afc4d95f886579****', + ], + 'Days' => [ + 'description' => '证书的有效期。单位:天。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '365', + ], + 'ResourceGroupId' => [ + 'description' => '证书所属资源组的ID。', + 'type' => 'string', + 'example' => 'rg-acfmyxa2uv6cu5a', + ], + 'CustomIdentifier' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'example' => '****48d8d3ecc9976d9ecd2b2f25****', + ], + 'Id' => [ + 'description' => '证书主键ID。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '12321', + ], + 'AliasName' => [ + 'description' => '设置签发证书的名称。', + 'type' => 'string', + 'example' => '生产培训10.153.13.177', + ], + ], + ], + ], + 'CurrentPage' => [ + 'description' => '当前页面的页码。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'PageCount' => [ + 'description' => '总页数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'ShowSize' => [ + 'description' => '每页显示证书的数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + 'TotalCount' => [ + 'description' => '查询到的客户端证书和服务端证书的总数量。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1', + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + 'MaxResults' => [ + 'description' => '分页参数:结果集的最大数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询证书列表', + 'summary' => '查询所有客户端证书和服务端证书的详细信息。', + 'description' => '本接口用于分页查询您已创建的所有客户端证书和服务端证书的详细信息,例如,证书的唯一识别码、序列号、使用者信息、内容、状态等。'."\n" + ."\n\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListClientCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"CertificateList\\": [\\n {\\n \\"X509Certificate\\": \\"-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----\\",\\n \\"Identifier\\": \\"d3b95700998e47afc4d95f886579****\\",\\n \\"SerialNumber\\": \\"62b2b943a32d96883a6650e672ea0276****\\",\\n \\"SubjectDN\\": \\"C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun\\",\\n \\"CommonName\\": \\"aliyundoc.com\\",\\n \\"OrganizationUnit\\": \\"Security\\",\\n \\"Organization\\": \\"阿里云计算有限公司\\",\\n \\"Locality\\": \\"Hangzhou\\",\\n \\"State\\": \\"Zhejiang\\",\\n \\"CountryCode\\": \\"CN\\",\\n \\"Sans\\": \\"[ {\\\\\\"Type\\\\\\": 7, \\\\\\"Value\\\\\\": \\\\\\"192.0.XX.XX\\\\\\"}, {\\\\\\"Type\\\\\\": 2, \\\\\\"Value\\\\\\": \\\\\\"www.aliyundoc.com\\\\\\"}, ]\\",\\n \\"Status\\": \\"ISSUE\\",\\n \\"BeforeDate\\": 1634283958000,\\n \\"AfterDate\\": 1665819958000,\\n \\"Algorithm\\": \\"RSA\\",\\n \\"KeySize\\": 4096,\\n \\"SignAlgorithm\\": \\"SHA256WITHRSA\\",\\n \\"CertificateType\\": \\"SERVER\\",\\n \\"ParentIdentifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"Sha2\\": \\"14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****\\",\\n \\"Md5\\": \\"d3b95700998e47afc4d95f886579****\\",\\n \\"Days\\": 365,\\n \\"ResourceGroupId\\": \\"rg-acfmyxa2uv6cu5a\\",\\n \\"CustomIdentifier\\": \\"****48d8d3ecc9976d9ecd2b2f25****\\",\\n \\"Id\\": 12321,\\n \\"AliasName\\": \\"生产培训10.153.13.177\\"\\n }\\n ],\\n \\"CurrentPage\\": 1,\\n \\"PageCount\\": 1,\\n \\"ShowSize\\": 20,\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\",\\n \\"MaxResults\\": 20\\n}","errorExample":""},{"type":"xml","example":"<ListClientCertificateResponse>\\n <CurrentPage>1</CurrentPage>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n <TotalCount>1</TotalCount>\\n <PageCount>1</PageCount>\\n <ShowSize>20</ShowSize>\\n <CertificateList>\\n <Status>ISSUE</Status>\\n <SerialNumber>62b2b943a32d96883a6650e672ea0276****</SerialNumber>\\n <CertificateType>SERVER</CertificateType>\\n <Algorithm>RSA</Algorithm>\\n <State>Zhejiang</State>\\n <Organization>阿里云计算有限公司</Organization>\\n <ParentIdentifier>160ae6bb538d538c70c01f81dcf2****</ParentIdentifier>\\n <Locality>Hangzhou</Locality>\\n <Identifier>d3b95700998e47afc4d95f886579****</Identifier>\\n <Sans>[ {\\"Type\\": 7, \\"Value\\": \\"192.0.XX.XX\\"}, {\\"Type\\": 2, \\"Value\\": \\"www.aliyundoc.com\\"}, ]</Sans>\\n <Days>365</Days>\\n <KeySize>4096</KeySize>\\n <X509Certificate>-----BEGIN CERTIFICATE----- ...... -----END CERTIFICATE-----</X509Certificate>\\n <SubjectDN>C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun</SubjectDN>\\n <SignAlgorithm>SHA256WITHRSA</SignAlgorithm>\\n <OrganizationUnit>Security</OrganizationUnit>\\n <AfterDate>1665819958000</AfterDate>\\n <Sha2>14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****</Sha2>\\n <CommonName>aliyundoc.com</CommonName>\\n <Md5>d3b95700998e47afc4d95f886579****</Md5>\\n <CountryCode>CN</CountryCode>\\n <BeforeDate>1634283958000</BeforeDate>\\n </CertificateList>\\n</ListClientCertificateResponse>","errorExample":""}]', + ], + 'ListPcaCaCertificate' => [ + 'methods' => [ + 'get', + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '241920', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'NextToken', + 'in' => 'query', + 'schema' => [ + 'description' => '分页参数:页面令牌。请求置空表示从头开始。返回为空时表示最后一页。', + 'type' => 'string', + 'required' => false, + 'example' => '1d2db86sca4384811e0b5e8707e68181f', + ], + ], + [ + 'name' => 'MaxResults', + 'in' => 'query', + 'schema' => [ + 'description' => '分页参数:结果集的最大数量,默认值为20。'."\n" + ."\n" + .'取值范围:1~2000', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '20', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'NextTokenWithTotalCountPaginationResponse<ListCaCertificateResult>', + 'description' => 'NextTokenWithTotalCountPaginationResponse<ListCaCertificateResult>', + 'type' => 'object', + 'properties' => [ + 'List' => [ + 'description' => '蜜罐探针数据。', + 'type' => 'array', + 'items' => [ + 'description' => '蜜罐探针数据。', + 'type' => 'object', + 'properties' => [ + 'CertIdentifier' => [ + 'title' => '证书标识。可用于查询证书详情。', + 'description' => '证书标识。可用于查询证书详情。', + 'type' => 'string', + 'example' => '1ef78be5-******-b5ef0f0eba3d', + ], + 'Status' => [ + 'title' => '证书状态。', + 'description' => '证书状态。', + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'CommonName' => [ + 'title' => '证书通用名称。与证书主体信息(Subject)的CommonName一致。', + 'description' => '证书通用名称。与证书主体信息(Subject)的CommonName一致。', + 'type' => 'string', + 'example' => 'Example Co., Ltd.', + ], + 'IssuerIdentifier' => [ + 'title' => '颁发者证书标识。可用于查询颁发者证书。', + 'description' => '颁发者证书标识。可用于查询颁发者证书。', + 'type' => 'string', + 'example' => '1ef78be5-******-b5ef0f0eba3d', + ], + 'PrivateCaInstanceId' => [ + 'title' => '私有CA实例ID。', + 'description' => '私有CA实例ID。', + 'type' => 'string', + 'example' => 'cas_deposit-cn-******', + ], + 'PrivateCaRegionId' => [ + 'title' => '私有CA实例地域ID。', + 'description' => '私有CA实例地域ID。', + 'type' => 'string', + 'example' => 'cn-hangzhou', + ], + 'UserId' => [ + 'title' => '账号ID。', + 'description' => '账号ID。', + 'type' => 'string', + 'example' => '166********', + ], + ], + ], + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '12345678-1234-1234-1234-123456789ABC', + ], + 'TotalCount' => [ + 'description' => '结果集总数量。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '10', + ], + 'NextToken' => [ + 'description' => '分页参数:页面令牌。请求置空表示从头开始。返回为空时表示最后一页。', + 'type' => 'string', + 'example' => '1d2db86sca4384811e0b5e8707e68181f', + ], + 'MaxResults' => [ + 'description' => '分页参数:结果集的最大数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '获取私有CA列表', + 'summary' => '查询私有CA机构证书。', + 'description' => '本接口用于查询CA证书(包括根CA证书和子CA证书)的操作日志,例如,CA证书的创建日志、状态修改日志。'."\n" + ."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListPcaCaCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"List\\": [\\n {\\n \\"CertIdentifier\\": \\"1ef78be5-******-b5ef0f0eba3d\\",\\n \\"Status\\": \\"ISSUE\\",\\n \\"CommonName\\": \\"Example Co., Ltd.\\",\\n \\"IssuerIdentifier\\": \\"1ef78be5-******-b5ef0f0eba3d\\",\\n \\"PrivateCaInstanceId\\": \\"cas_deposit-cn-******\\",\\n \\"PrivateCaRegionId\\": \\"cn-hangzhou\\",\\n \\"UserId\\": \\"166********\\"\\n }\\n ],\\n \\"RequestId\\": \\"12345678-1234-1234-1234-123456789ABC\\",\\n \\"TotalCount\\": 10,\\n \\"NextToken\\": \\"1d2db86sca4384811e0b5e8707e68181f\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', + ], + 'ListRevokeCertificate' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83522', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'CurrentPage', + 'in' => 'query', + 'schema' => [ + 'description' => '分页查询时,设置当前页面的页码。默认值为**1**。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '1', + ], + ], + [ + 'name' => 'ShowSize', + 'in' => 'query', + 'schema' => [ + 'description' => '分页查询时,设置每页包含已被吊销证书的数量。默认值为**20**。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'example' => '20', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'ListCertificateResponse2<RevokedCertificateDTO>', + 'description' => 'ListCertificateResponse2<RevokedCertificateDTO>。', + 'type' => 'object', + 'properties' => [ + 'CertificateList' => [ + 'description' => '已被吊销的客户端证书或服务端证书的详细信息。', + 'type' => 'array', + 'items' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'RevokeDate' => [ + 'description' => '证书被吊销的日期。格式为`yyyy-MM-ddT00:00Z`,例如,`2021-09-01T00:00Z`表示2021年09月01日。'."\n", + 'type' => 'string', + 'example' => '2021-09-01T00:00Z', + ], + 'Identifier' => [ + 'description' => '证书的唯一识别码。', + 'type' => 'string', + 'example' => '05e148d8d3ecc9976d9ecd2b2f25****', + ], + 'SerialNumber' => [ + 'description' => '证书的序列号。', + 'type' => 'string', + 'example' => '168b12c42e62339f8d2340ff530f9365****', + ], + 'SubjectDN' => [ + 'description' => '证书的DN(Distinguished Name)属性,表示证书的使用者,具体包含以下信息:'."\n" + ."\n" + .'- **C**:国家。'."\n" + .'- **O**:组织机构。'."\n" + .'- **OU**:部门。'."\n" + .'- **L**:城市。'."\n" + .'<props="china">- **ST**:省份、直辖市或自治区。</props>'."\n" + .'<props="intl">- **ST**:省份或州。</props>'."\n" + .'- **CN**:公用名。'."\n", + 'type' => 'string', + 'example' => 'C=CN,O=阿里云计算有限公司,OU=Security,L=ZheJiang,ST=HangZhou,CN=aliyundoc.com', + ], + 'CommonName' => [ + 'description' => '证书的公用名。', + 'type' => 'string', + 'example' => 'aliyundoc.com', + ], + 'OrganizationUnit' => [ + 'description' => '签发该证书的子CA证书关联的组织机构下部门的名称。', + 'type' => 'string', + 'example' => 'Security', + ], + 'Organization' => [ + 'description' => '签发该证书的子CA证书关联的组织机构的名称。', + 'type' => 'string', + 'example' => '阿里云计算有限公司', + ], + 'Locality' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在城市的名称。', + 'type' => 'string', + 'example' => 'Hangzhou', + ], + 'State' => [ + 'description' => '<props="china">签发该证书的子CA证书关联的组织机构所在省份、直辖市或自治区的名称。</props>'."\n" + .'<props="intl">签发该证书的子CA证书关联的组织机构所在省份或州的名称。</props>', + 'type' => 'string', + 'example' => 'Zhejiang', + ], + 'CountryCode' => [ + 'description' => '签发该证书的子CA证书关联的组织机构所在国家的代码。'."\n" + ."\n" + .'关于不同国家代码的含义,请参见[管理公司信息](~~198289~~)中的**国际代号**章节。', + 'type' => 'string', + 'example' => 'CN', + ], + 'Sans' => [ + 'description' => '证书的SAN(Subject Alternative Name)扩展属性。'."\n" + ."\n" + .'该参数使用JSON数组转化的字符串表示。JSON数组中的每个元素是一个结构体,对应一个SAN扩展。每个SAN扩展结构体包含以下参数:'."\n" + ."\n" + .'- **Type**:Integer类型,表示扩展的类型。取值:'."\n" + .' - **1**:表示邮箱地址。'."\n" + .' - **2**:表示域名。'."\n" + .' - **6**:表示统一资源标识符URI(Uniform Resource Identifier)。'."\n" + .' - **7**:表示IP地址。'."\n" + .'- **Value**:String类型,表示扩展的内容。', + 'type' => 'string', + 'example' => '[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ]', + ], + 'Status' => [ + 'description' => '状态。', + 'type' => 'string', + 'example' => 'ISSUE', + ], + 'BeforeDate' => [ + 'description' => '证书的签发日期。格式为`yyyy-MM-ddT00:00Z`,例如,`2021-01-01T00:00Z`表示2021年01月01日。', + 'type' => 'string', + 'example' => '2021-01-01T00:00Z', + ], + 'AfterDate' => [ + 'description' => '证书的到期日期。格式为`yyyy-MM-ddT00:00Z`,例如,`2021-12-31T00:00Z`表示2021年12月31日。', + 'type' => 'string', + 'example' => '2021-12-31T00:00Z', + ], + 'Algorithm' => [ + 'description' => '证书的加密算法类型。取值:'."\n" + ."\n" + .'- **RSA**:表示RSA算法。'."\n" + .'- **ECC**:表示ECC算法。'."\n" + .'- **SM2**:表示SM2(国密)算法。', + 'type' => 'string', + 'example' => 'RSA', + ], + 'KeySize' => [ + 'description' => '证书的密钥长度。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '4096', + ], + 'SignAlgorithm' => [ + 'description' => '证书的签名算法。', + 'type' => 'string', + 'example' => 'SHA256WITHRSA', + ], + 'CertificateType' => [ + 'description' => '证书类型。', + 'type' => 'string', + 'example' => 'SERVER', + ], + 'ParentIdentifier' => [ + 'description' => '父证书标识。', + 'type' => 'string', + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + 'Sha2' => [ + 'description' => '证书的SHA256数字指纹。', + 'type' => 'string', + 'example' => 'b60eff7e04323ff662f9ab5e6986f849f626a9c7bf2c59dcc752fa23779a****', + ], + 'Md5' => [ + 'description' => '证书的MD5数字指纹。', + 'type' => 'string', + 'example' => '05e148d8d3ecc9976d9ecd2b2f25****', + ], + 'CustomIdentifier' => [ + 'description' => '用户自定义标识,唯一键。', + 'type' => 'string', + 'example' => '****48d8d3ecc9976d9ecd2b2f25****', + ], + ], + ], + ], + 'CurrentPage' => [ + 'description' => '当前页面的页码。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'PageCount' => [ + 'description' => '总页数。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '1', + ], + 'ShowSize' => [ + 'description' => '每页包含已被吊销证书的数量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + 'TotalCount' => [ + 'description' => '已被吊销的客户端证书和服务端证书的总数。', + 'type' => 'integer', + 'format' => 'int64', + 'example' => '1', + ], + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询吊销证书列表', + 'summary' => '查询所有已被吊销的客户端证书和服务端证书的详细信息。', + 'description' => '本接口用于分页查询所有已被吊销的客户端证书和服务端证书的详细信息,例如,证书的唯一识别码、序列号、吊销日期等。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'requestParamsDescription' => '调用API时,除了本文中该API的请求参数,还需加入阿里云API公共请求参数。'."\n" + ."\n" + .'调用API的请求格式,请参见本文**示例**中的请求示例。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListRevokeCertificate', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListRevokeCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"CertificateList\\": [\\n {\\n \\"RevokeDate\\": \\"2021-09-01T00:00Z\\",\\n \\"Identifier\\": \\"05e148d8d3ecc9976d9ecd2b2f25****\\",\\n \\"SerialNumber\\": \\"168b12c42e62339f8d2340ff530f9365****\\",\\n \\"SubjectDN\\": \\"C=CN,O=阿里云计算有限公司,OU=Security,L=ZheJiang,ST=HangZhou,CN=aliyundoc.com\\",\\n \\"CommonName\\": \\"aliyundoc.com\\",\\n \\"OrganizationUnit\\": \\"Security\\",\\n \\"Organization\\": \\"阿里云计算有限公司\\",\\n \\"Locality\\": \\"Hangzhou\\",\\n \\"State\\": \\"Zhejiang\\",\\n \\"CountryCode\\": \\"CN\\",\\n \\"Sans\\": \\"[ {\\\\\\"Type\\\\\\": 7, \\\\\\"Value\\\\\\": \\\\\\"192.0.XX.XX\\\\\\"}, {\\\\\\"Type\\\\\\": 2, \\\\\\"Value\\\\\\": \\\\\\"www.aliyundoc.com\\\\\\"}, ]\\",\\n \\"Status\\": \\"ISSUE\\",\\n \\"BeforeDate\\": \\"2021-01-01T00:00Z\\",\\n \\"AfterDate\\": \\"2021-12-31T00:00Z\\",\\n \\"Algorithm\\": \\"RSA\\",\\n \\"KeySize\\": 4096,\\n \\"SignAlgorithm\\": \\"SHA256WITHRSA\\",\\n \\"CertificateType\\": \\"SERVER\\",\\n \\"ParentIdentifier\\": \\"160ae6bb538d538c70c01f81dcf2****\\",\\n \\"Sha2\\": \\"b60eff7e04323ff662f9ab5e6986f849f626a9c7bf2c59dcc752fa23779a****\\",\\n \\"Md5\\": \\"05e148d8d3ecc9976d9ecd2b2f25****\\",\\n \\"CustomIdentifier\\": \\"****48d8d3ecc9976d9ecd2b2f25****\\"\\n }\\n ],\\n \\"CurrentPage\\": 1,\\n \\"PageCount\\": 1,\\n \\"ShowSize\\": 20,\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","type":"json"}]', + ], + 'ListTagResources' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '81794', + 'abilityTreeNodes' => [ + 'FEATUREcasDX3LGS', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => [ + 'description' => '地域id。', + 'type' => 'string', + 'required' => true, + 'example' => 'cn-hangzhou', + ], + ], + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => [ + 'description' => '资源类型。默认值:**instance**', + 'type' => 'string', + 'required' => true, + 'example' => 'instance', + ], + ], + [ + 'name' => 'NextToken', + 'in' => 'query', + 'schema' => [ + 'description' => '下一个查询开始token,nexttoken为空说明没有下一个。', + 'type' => 'string', + 'required' => false, + 'example' => '1d2db86sca4384811e0b5e8707e68181f', + ], + ], + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '资源id。', + 'type' => 'array', + 'items' => [ + 'description' => '资源id。', + 'type' => 'string', + 'required' => false, + 'example' => 'cas-cn-4591d3xa****', + ], + 'required' => false, + 'maxItems' => 51, + ], + ], + [ + 'name' => 'Tag', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '查询到的实例和标签的信息。', + 'type' => 'array', + 'items' => [ + 'description' => '查询到的实例和标签的信息。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '要查询的标签的key,可有多个。n为正整数。', + 'type' => 'string', + 'required' => false, + 'example' => 'testKey1', + ], + 'Value' => [ + 'description' => '标签值。n的取值范围:1~20。', + 'type' => 'string', + 'required' => false, + 'example' => 'testValue1', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 21, + ], + ], + [ + 'name' => 'MaxResults', + 'in' => 'query', + 'schema' => [ + 'description' => '本次读取的最大数据量。', + 'type' => 'integer', + 'format' => 'int32', + 'required' => false, + 'maximum' => '1000', + 'minimum' => '1', + 'example' => '1000', + 'default' => '1000', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '请求id。', + 'type' => 'string', + 'example' => '2D69A58F-345C-4FDE-88E4-BF5189484043', + ], + 'Data' => [ + 'description' => '请求接口返回的数据。', + 'type' => 'object', + 'properties' => [ + 'NextToken' => [ + 'description' => '下一个查询开始Token,NextToken为空说明没有下一个。', + 'type' => 'string', + 'example' => '24262', + ], + 'TagResources' => [ + 'type' => 'object', + 'itemNode' => true, + 'properties' => [ + 'TagResources' => [ + 'description' => '返回数据。', + 'type' => 'array', + 'items' => [ + 'description' => '返回数据。', + 'type' => 'object', + 'properties' => [ + 'ResourceId' => [ + 'description' => '要操作的证书实例ID。 '."\n" + .'N的取值范围为\\[1, 50],用于指定多个实例,最多50个。例如:ResourceId.1,ResourceId.2,...,ResourceId.50。', + 'type' => 'string', + 'example' => 'cas-upload-xgjcng', + ], + 'ResourceType' => [ + 'description' => '资源的类型。取值:**instance**。', + 'type' => 'string', + 'example' => 'ALIYUN::CAS::PCACERTIFICATE', + ], + 'TagKey' => [ + 'description' => '要绑定的标签键。 '."\n" + .'N的取值范围为 \\[1, 20],用于指定多个标签键,最多20个。例如:Tag.1.Key,Tag.2.Key,...,Tag.20.Key。', + 'type' => 'string', + 'example' => '正式环境', + ], + 'TagValue' => [ + 'description' => '标签值。', + 'type' => 'string', + 'example' => 'PVDCDC', + ], + ], + ], + ], + ], + 'description' => '', + ], + 'MaxResults' => [ + 'description' => '本次读取的最大数据量。', + 'type' => 'integer', + 'format' => 'int32', + 'example' => '20', + ], + ], + ], + ], + 'description' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '查询资源和标签关系', + 'summary' => '查询资源(SSL证书实例)和标签的对应关系。', + 'description' => '本接口用于通过私有CA实例的ID,查询您通过SSL证书服务控制台购买的私有CA实例的状态信息,例如,CA实例的状态、包含的证书数量、已签发的证书数量等。'."\n" + ."\n" + .'调用本接口前,您必须已经通过[数字证书管理服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买了私有CA。具体操作,请参见[购买私有CA](~~208553~~)。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2D69A58F-345C-4FDE-88E4-BF5189484043\\",\\n \\"Data\\": {\\n \\"NextToken\\": \\"24262\\",\\n \\"TagResources\\": {\\n \\"TagResources\\": [\\n {\\n \\"ResourceId\\": \\"cas-upload-xgjcng\\",\\n \\"ResourceType\\": \\"ALIYUN::CAS::PCACERTIFICATE\\",\\n \\"TagKey\\": \\"正式环境\\",\\n \\"TagValue\\": \\"PVDCDC\\"\\n }\\n ]\\n },\\n \\"MaxResults\\": 20\\n }\\n}","type":"json"}]', + ], + 'MoveResourceGroup' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '226097', + 'abilityTreeNodes' => [ + 'FEATUREcasDX3LGS', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'schema' => [ + 'description' => '要迁移的资源组所属的资源id。', + 'type' => 'string', + 'required' => true, + 'example' => 'cas-cn-4591d3xa****', + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源组id。', + 'type' => 'string', + 'required' => true, + 'example' => 'rg-acfmykgxu5d46ey', + ], + ], + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => [ + 'description' => '资源类型,取值:**instance**。', + 'type' => 'string', + 'required' => true, + 'example' => 'instance', + ], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => [ + 'description' => '地域id。', + 'type' => 'string', + 'required' => false, + 'example' => 'cn-hangzhou', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '请求id。', + 'type' => 'string', + 'example' => '5BCD2F6C-7A9D-47C1-8588-2CC6A4E0BE5E', + ], + ], + 'description' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '删除资源组', + 'summary' => '修改资源所属的资源组。', + 'description' => '本接口用于通过私有CA实例的ID,查询您通过SSL证书服务控制台购买的私有CA实例的状态信息,例如,CA实例的状态、包含的证书数量、已签发的证书数量等。'."\n" + ."\n" + .'调用本接口前,您必须已经通过[数字证书管理服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买了私有CA。具体操作,请参见[购买私有CA](~~208553~~)。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5BCD2F6C-7A9D-47C1-8588-2CC6A4E0BE5E\\"\\n}","type":"json"}]', + ], + 'TagResources' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '81796', + 'abilityTreeNodes' => [ + 'FEATUREcasDX3LGS', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => [ + 'description' => '证书所有者所属组织的区域。', + 'type' => 'string', + 'required' => true, + 'example' => 'cn-hangzhou', + ], + ], + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => [ + 'description' => '资源类型。默认值:**instance**', + 'type' => 'string', + 'required' => true, + 'example' => 'instance', + ], + ], + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '资源id。', + 'type' => 'array', + 'items' => [ + 'description' => '资源id。', + 'type' => 'string', + 'required' => false, + 'example' => 'cas-cn-4591d3xa****', + ], + 'required' => true, + 'maxItems' => 50, + ], + ], + [ + 'name' => 'Tag', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '资源的标签信息。', + 'type' => 'array', + 'items' => [ + 'description' => '资源的标签信息。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。n的取值范围为\\[1,20],用于指定多个标签键,最多20个。例如:tag.1.key,tag.2.key,...,tag.20.key。', + 'type' => 'string', + 'required' => false, + 'example' => 'testKey1', + 'maxLength' => 128, + ], + 'Value' => [ + 'description' => '标签值。n的取值范围:1~20。', + 'type' => 'string', + 'required' => false, + 'example' => 'testValue1', + 'maxLength' => 256, + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 20, + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '请求id。', + 'type' => 'string', + 'example' => '9D85A4B3-8F5B-411B-A91C-EF91B5183E2E', + ], + ], + 'description' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => '为指定资源(SSL证书实例)绑定标签', + 'summary' => '为指定资源(SSL证书实例)绑定标签。', + 'description' => '本接口用于通过私有CA实例的ID,查询您通过SSL证书服务控制台购买的私有CA实例的状态信息,例如,CA实例的状态、包含的证书数量、已签发的证书数量等。'."\n" + ."\n" + .'调用本接口前,您必须已经通过[数字证书管理服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买了私有CA。具体操作,请参见[购买私有CA](~~208553~~)。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9D85A4B3-8F5B-411B-A91C-EF91B5183E2E\\"\\n}","type":"json"}]', + ], + 'UntagResources' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'readAndWrite', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '81797', + 'abilityTreeNodes' => [ + 'FEATUREcasDX3LGS', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => [ + 'description' => '地域id。', + 'type' => 'string', + 'required' => true, + 'example' => 'cn-hangzhou', + ], + ], + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => [ + 'description' => '资源类型定义。取值固定为**instance**。', + 'type' => 'string', + 'required' => true, + 'example' => 'instance', + ], + ], + [ + 'name' => 'All', + 'in' => 'query', + 'schema' => [ + 'description' => '是否全部删除,仅当tagkey.n为空时有效。取值范围:-true-false默认值:false', + 'type' => 'boolean', + 'required' => false, + 'example' => 'false', + ], + ], + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '资源id。', + 'type' => 'array', + 'items' => [ + 'description' => '资源id。', + 'type' => 'string', + 'required' => false, + 'example' => 'cas-cn-4591d3xa****', + ], + 'required' => true, + 'maxItems' => 50, + ], + ], + [ + 'name' => 'TagKey', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签键。', + 'type' => 'array', + 'items' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'testKey1', + ], + 'required' => false, + 'maxItems' => 21, + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '请求id。', + 'type' => 'string', + 'example' => '2D69A58F-345C-4FDE-88E4-BF5189484043', + ], + ], + 'description' => '', + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'title' => '移除指定资源(SSL证书实例)的标签', + 'summary' => '移除标签。', + 'description' => '本接口用于通过私有CA实例的ID,查询您通过SSL证书服务控制台购买的私有CA实例的状态信息,例如,CA实例的状态、包含的证书数量、已签发的证书数量等。'."\n" + ."\n" + .'调用本接口前,您必须已经通过[数字证书管理服务控制台](https://yundun.console.aliyun.com/?p=cas#/pca/rootlist)购买了私有CA。具体操作,请参见[购买私有CA](~~208553~~)。'."\n" + ."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2D69A58F-345C-4FDE-88E4-BF5189484043\\"\\n}","type":"json"}]', + ], + 'UpdateCACertificateStatus' => [ + 'methods' => [ + 'post', + 'get', + ], + 'schemes' => [ + 'http', + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '83523', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要修改状态的CA证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[DescribeCACertificateList](~~465957~~)查询所有CA证书的唯一识别码。', + 'type' => 'string', + 'required' => true, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => [ + 'description' => '对该CA证书执行的操作。取值固定为**REVOKE**,表示吊销CA证书,即将CA证书的状态修改为**REVOKE**。'."\n" + ."\n" + .'> 只有当CA证书的当前状态为**ISSUE**时,才支持该操作。您可以调用[DescribeCACertificate](~~465954~~)查询CA证书的当前状态。', + 'type' => 'string', + 'required' => false, + 'example' => 'REVOKE', + ], + ], + [ + 'name' => 'ClientToken', + 'in' => 'query', + 'schema' => [ + 'description' => '客户端Token,用于保证请求的幂等性。'."\n" + ."\n" + .'从您的客户端生成一个参数值,确保不同请求间该参数值唯一。ClientToken只支持ASCII字符。'."\n" + ."\n" + .'> 若您未指定,则系统自动使用API请求的**RequestId**作为**ClientToken**标识。每次API请求的**RequestId**不一样。', + 'type' => 'string', + 'required' => false, + 'example' => '3838B684-3075-582B-9A45-8C99104029DF', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => '对象。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'description' => '本次请求的ID。', + 'type' => 'string', + 'example' => '15C66C7B-671A-4297-9187-2C4477247A74', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '更新CA证书状态', + 'summary' => '将根CA证书或子CA证书的状态由正常签发修改为吊销。', + 'description' => 'CA证书经创建后,默认为正常签发状态。您可以调用本接口将CA证书的状态从正常签发修改为吊销。在正常签发状态下,CA证书可用于签发证书。在吊销状态下,CA证书不可用于签发证书,同时经该CA证书签发的证书也会相应失效。'."\n" + ."\n" + .'调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书、调用[CreateSubCACertificate](~~465959~~)创建了子CA证书。'."\n" + ."\n\n" + .'## QPS限制'."\n" + ."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateCACertificateStatus', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:UpdateCACertificateStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"15C66C7B-671A-4297-9187-2C4477247A74\\"\\n}","errorExample":""},{"type":"xml","example":"<UpdateCACertificateStatusResponse>\\n <RequestId>15C66C7B-671A-4297-9187-2C4477247A74</RequestId>\\n</UpdateCACertificateStatusResponse>","errorExample":""}]', + ], + 'UpdatePcaCertificate' => [ + 'methods' => [ + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '200358', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'AliasName', + 'in' => 'query', + 'schema' => [ + 'description' => '设置签发证书的名称。', + 'type' => 'string', + 'required' => false, + 'example' => 'cert-name', + ], + ], + [ + 'name' => 'Identifier', + 'in' => 'query', + 'schema' => [ + 'description' => '要查询的CA证书的唯一识别码。'."\n" + ."\n" + .'> 您可以调用[DescribeCACertificateList](~~328095~~)查询所有CA证书的唯一识别码。', + 'type' => 'string', + 'required' => false, + 'example' => '160ae6bb538d538c70c01f81dcf2****', + ], + ], + [ + 'name' => 'Tags', + 'in' => 'query', + 'style' => 'repeatList', + 'schema' => [ + 'description' => '标签列表。', + 'type' => 'array', + 'items' => [ + 'description' => '标签列表。', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => '标签键。', + 'type' => 'string', + 'required' => false, + 'example' => 'runtime', + ], + 'Value' => [ + 'description' => '标签值。', + 'type' => 'string', + 'required' => false, + 'example' => 'test', + ], + ], + 'required' => false, + ], + 'required' => false, + 'maxItems' => 100, + ], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => [ + 'description' => '资源分组ID。', + 'type' => 'string', + 'required' => false, + 'example' => 'rg-ae******4wia', + ], + ], + [ + 'name' => 'ClientToken', + 'in' => 'formData', + 'schema' => [ + 'description' => '用于保证请求的幂等性。由客户端生成该参数值,要保证在不同请求间唯一,最大值不超过64个ASCII字符,且该参数值中不能包含非ASCII字符。', + 'type' => 'string', + 'required' => false, + 'example' => 'XXX', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'Schema of Response', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'Id of the request', + 'type' => 'string', + 'example' => '09470F19-CEE8-5C63-BF2C-02B5E3F07A17', + ], + 'AccessDeniedDetail' => [ + 'description' => '鉴权报错信息', + 'type' => 'object', + 'properties' => [ + 'AuthAction' => [ + 'description' => '尝试执行的未授权操作。'."\n" + ."\n", + 'type' => 'string', + 'example' => 'yundun-cert:XXX', + ], + 'AuthPrincipalDisplayName' => [ + 'description' => '请求中用于鉴权的身份标识。具体取值为:'."\n" + .'- RAM 用户:RAM 用户 UID'."\n" + .'- RAM 角色:RoleName:RoleSessionName'."\n" + .'- Federated:ProviderType/ProviderName', + 'type' => 'string', + 'example' => 'RoleSessionName', + ], + 'AuthPrincipalOwnerId' => [ + 'description' => 'AuthPrincipalOwnerId', + 'type' => 'string', + 'example' => '186XXX', + ], + 'AuthPrincipalType' => [ + 'description' => '身份类型', + 'type' => 'string', + 'example' => 'SubUser', + ], + 'EncodedDiagnosticMessage' => [ + 'description' => '加密后的完整诊断信息。', + 'type' => 'string', + 'example' => 'AQEAAAAAaEjlETkzRkQ5QjVELTI3NTEtM0I2Ni1BM0E1LThBQUYzMkJBNEJCQg==', + ], + 'NoPermissionType' => [ + 'description' => '导致鉴权失败的原因。具体取值为:'."\n" + .'ExplicitDeny:显示拒绝'."\n" + .'ImplicitDeny:隐式拒绝', + 'type' => 'string', + 'example' => 'ImplicitDeny', + ], + 'PolicyType' => [ + 'description' => '策略类型', + 'type' => 'string', + 'example' => 'Custom', + ], + ], + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'synchronous', + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => '更新PCA资源属性', + 'summary' => '更新证书属性', + 'description' => 'CA证书经创建后,默认为正常签发状态。您可以调用本接口将CA证书的状态从正常签发修改为吊销。在正常签发状态下,CA证书可用于签发证书。在吊销状态下,CA证书不可用于签发证书,同时经该CA证书签发的证书也会相应失效。'."\n" + ."\n" + .'调用本接口前,您必须已经调用[CreateRootCACertificate](~~465962~~)创建了根CA证书、调用[CreateSubCACertificate](~~465959~~)创建了子CA证书。'."\n" + ."\n\n" + .'## QPS限制'."\n" + ."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:UpdatePcaCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"09470F19-CEE8-5C63-BF2C-02B5E3F07A17\\",\\n \\"AccessDeniedDetail\\": {\\n \\"AuthAction\\": \\"yundun-cert:XXX\\",\\n \\"AuthPrincipalDisplayName\\": \\"RoleSessionName\\",\\n \\"AuthPrincipalOwnerId\\": \\"186XXX\\",\\n \\"AuthPrincipalType\\": \\"SubUser\\",\\n \\"EncodedDiagnosticMessage\\": \\"AQEAAAAAaEjlETkzRkQ5QjVELTI3NTEtM0I2Ni1BM0E1LThBQUYzMkJBNEJCQg==\\",\\n \\"NoPermissionType\\": \\"ImplicitDeny\\",\\n \\"PolicyType\\": \\"Custom\\"\\n }\\n}","type":"json"}]', + ], + 'UploadPcaCertToCas' => [ + 'methods' => [ + 'post', + ], + 'schemes' => [ + 'https', + ], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => [ + 'FEATUREcasPYG3UJ', + ], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', + ], + 'parameters' => [ + [ + 'name' => 'Ids', + 'in' => 'query', + 'schema' => [ + 'description' => '待同步到证书服务的主键标识列表。多个ID使用半角逗号(,)间隔。', + 'type' => 'string', + 'required' => true, + 'example' => '59425,59426', + ], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'title' => 'Schema of Response', + 'description' => 'Schema of Response', + 'type' => 'object', + 'properties' => [ + 'RequestId' => [ + 'title' => 'Id of the request', + 'description' => 'Id of the request', + 'type' => 'string', + 'example' => 'CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D', + ], + ], + ], + ], + ], + 'staticInfo' => [ + 'returnType' => 'asynchronous', + 'callback' => 'cas::2020-06-30::ListCert', + 'callbackInterval' => 3000, + 'maxCallbackTimes' => 10, + ], + 'title' => '同步私有证书到证书服务', + 'summary' => '上传PCA证书到SSL上传证书。', + 'description' => '本接口一般用于在证书仓库中上传PCA证书。'."\n" + .'## QPS限制'."\n" + .'本接口的单用户QPS限制为10次/秒。超过限制,API调用将会被限流,这可能影响您的业务,请合理调用。', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UploadPcaCertToCas', + ], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:UploadPcaCertToCas', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D\\"\\n}","type":"json"}]', + ], + ], + 'endpoints' => [ + [ + 'regionId' => 'ap-southeast-2', + 'regionName' => '澳大利亚(悉尼)已关停', + 'areaId' => 'asiaPacific', + 'areaName' => '亚太', + 'public' => 'cas.ap-southeast-2.aliyuncs.com', + 'endpoint' => 'cas.ap-southeast-2.aliyuncs.com', + 'vpc' => '', + ], + [ + 'regionId' => 'cn-hongkong', + 'regionName' => '中国香港', + 'areaId' => 'asiaPacific', + 'areaName' => '亚太', + 'public' => 'cas.cn-hongkong.aliyuncs.com', + 'endpoint' => 'cas.cn-hongkong.aliyuncs.com', + 'vpc' => 'cas.vpc-proxy.aliyuncs.com', + ], + [ + 'regionId' => 'ap-northeast-1', + 'regionName' => '日本(东京)', + 'areaId' => 'asiaPacific', + 'areaName' => '亚太', + 'public' => 'cas.ap-northeast-1.aliyuncs.com', + 'endpoint' => 'cas.ap-northeast-1.aliyuncs.com', + 'vpc' => 'cas.vpc-proxy.aliyuncs.com', + ], + [ + 'regionId' => 'ap-southeast-1', + 'regionName' => '新加坡', + 'areaId' => 'asiaPacific', + 'areaName' => '亚太', + 'public' => 'cas.ap-southeast-1.aliyuncs.com', + 'endpoint' => 'cas.ap-southeast-1.aliyuncs.com', + 'vpc' => 'cas.vpc-proxy.aliyuncs.com', + ], + [ + 'regionId' => 'ap-southeast-3', + 'regionName' => '马来西亚(吉隆坡)', + 'areaId' => 'asiaPacific', + 'areaName' => '亚太', + 'public' => 'cas.ap-southeast-3.aliyuncs.com', + 'endpoint' => 'cas.ap-southeast-3.aliyuncs.com', + 'vpc' => 'cas.vpc-proxy.aliyuncs.com', + ], + [ + 'regionId' => 'ap-southeast-5', + 'regionName' => '印度尼西亚(雅加达)', + 'areaId' => 'asiaPacific', + 'areaName' => '亚太', + 'public' => 'cas.ap-southeast-5.aliyuncs.com', + 'endpoint' => 'cas.ap-southeast-5.aliyuncs.com', + 'vpc' => 'cas.vpc-proxy.aliyuncs.com', + ], + [ + 'regionId' => 'cn-hangzhou', + 'regionName' => '华东1(杭州)', + 'areaId' => 'asiaPacific', + 'areaName' => '亚太', + 'public' => 'cas.aliyuncs.com', + 'endpoint' => 'cas.aliyuncs.com', + 'vpc' => 'cas.vpc-proxy.aliyuncs.com', + ], + [ + 'regionId' => 'eu-central-1', + 'regionName' => '德国(法兰克福)', + 'areaId' => 'europeAmerica', + 'areaName' => '欧洲与美洲', + 'public' => 'cas.eu-central-1.aliyuncs.com', + 'endpoint' => 'cas.eu-central-1.aliyuncs.com', + 'vpc' => 'cas.vpc-proxy.aliyuncs.com', + ], + [ + 'regionId' => 'me-east-1', + 'regionName' => '阿联酋(迪拜)', + 'areaId' => 'middleEast', + 'areaName' => '中东', + 'public' => 'cas.me-east-1.aliyuncs.com', + 'endpoint' => 'cas.me-east-1.aliyuncs.com', + 'vpc' => '', + ], + [ + 'regionId' => 'ap-south-1', + 'regionName' => '印度(孟买)已关停', + 'areaId' => 'middleEast', + 'areaName' => '中东', + 'public' => 'cas.ap-south-1.aliyuncs.com', + 'endpoint' => 'cas.ap-south-1.aliyuncs.com', + 'vpc' => '', + ], + ], + 'errorCodes' => [ + [ + 'code' => 'AccessDenied.NoAuth', + 'message' => '访问拒绝,没有权限。', + 'http_code' => 400, + 'description' => '访问拒绝,没有权限。', + ], + [ + 'code' => 'AlreadyExists.%s', + 'message' => 'A %s with the same value already exists.', + 'http_code' => 400, + 'description' => '已存在相同的 %s 。', + ], + [ + 'code' => 'AlreadyExistsTry', + 'message' => 'You have already created a trial instance and cannot create it again.', + 'http_code' => 400, + 'description' => '您已经创建过试用实例,无法再次创建', + ], + [ + 'code' => 'CertificateChainNotMatch', + 'message' => 'The certificate chain does not match.', + 'http_code' => 400, + 'description' => '证书链不匹配。', + ], + [ + 'code' => 'CertificateExpired', + 'message' => '证书已经过期。', + 'http_code' => 400, + 'description' => '证书已经过期。', + ], + [ + 'code' => 'CertificateFormatException', + 'message' => '证书格式异常,请检查输入内容。', + 'http_code' => 400, + 'description' => '证书格式异常,请检查输入内容。', + ], + [ + 'code' => 'CertificatePrivateKey.Existed', + 'message' => '证书私钥已经存在。', + 'http_code' => 400, + 'description' => '证书私钥已经存在。', + ], + [ + 'code' => 'CouldNotRefund.InsufficientQuota', + 'message' => '该订单额度不足,无法退款。', + 'http_code' => 400, + 'description' => '该订单额度不足,无法退款。', + ], + [ + 'code' => 'CouldNotRefund.NotSupport', + 'message' => '不支持退款。', + 'http_code' => 400, + 'description' => '不支持退款。', + ], + [ + 'code' => 'CouldNotRefund.OverTime', + 'message' => '超过退款期限,无法退款。', + 'http_code' => 400, + 'description' => '超过退款期限,无法退款。', + ], + [ + 'code' => 'CreateCsrFailed', + 'message' => '创建CSR失败。', + 'http_code' => 400, + 'description' => '创建CSR失败。', + ], + [ + 'code' => 'CreateOrderFailed', + 'message' => '创建订单失败。', + 'http_code' => 400, + 'description' => '创建订单失败。', + ], + [ + 'code' => 'DataTooLongException', + 'message' => '存在超长输入值。', + 'http_code' => 400, + 'description' => '存在超长输入值。', + ], + [ + 'code' => 'DecryptError', + 'message' => '解密错误。', + 'http_code' => 400, + 'description' => '解密错误。', + ], + [ + 'code' => 'DeductQuotaFailed', + 'message' => '扣除额度失败,请稍后重试。', + 'http_code' => 400, + 'description' => '扣除额度失败,请稍后重试。', + ], + [ + 'code' => 'DeployFailed', + 'message' => 'Deployment failed.', + 'http_code' => 400, + 'description' => '部署失败。', + ], + [ + 'code' => 'DeployFailed.CertBackupFailed', + 'message' => '部署失败,备份证书失败。', + 'http_code' => 400, + 'description' => '部署失败,备份证书失败。', + ], + [ + 'code' => 'DeployFailed.InvalidCertChainPath', + 'message' => '部署失败,无效的证书链路径。', + 'http_code' => 400, + 'description' => '部署失败,无效的证书链路径。', + ], + [ + 'code' => 'DeployFailed.InvalidCertPath', + 'message' => '部署失败,无效的证书路径。', + 'http_code' => 400, + 'description' => '部署失败,无效的证书路径。', + ], + [ + 'code' => 'DeployFailed.InvalidPrivatePath', + 'message' => '部署失败,无效的私钥路径。', + 'http_code' => 400, + 'description' => '部署失败,无效的私钥路径。', + ], + [ + 'code' => 'DigestError', + 'message' => '摘要错误。', + 'http_code' => 400, + 'description' => '摘要错误。', + ], + [ + 'code' => 'DomainAlreadyExist', + 'message' => 'Domain name already exists.', + 'http_code' => 400, + 'description' => '域名已存在。', + ], + [ + 'code' => 'DomainAlreadyUsed', + 'message' => '域名已经被使用。', + 'http_code' => 400, + 'description' => '域名已经被使用。', + ], + [ + 'code' => 'DomainAndProductNotMatch', + 'message' => '域名和规格不匹配。', + 'http_code' => 400, + 'description' => '域名和规格不匹配。', + ], + [ + 'code' => 'DomainFormatError', + 'message' => '域名格式错误,请检查输入内容。', + 'http_code' => 400, + 'description' => '域名格式错误,请检查输入内容。', + ], + [ + 'code' => 'DomainParseError', + 'message' => 'Failed to parse the domain name. Check the input.', + 'http_code' => 400, + 'description' => '解析域名失败,请检查输入是否正确。', + ], + [ + 'code' => 'DomainQuotaExceeded', + 'message' => '域名超出额度。', + 'http_code' => 400, + 'description' => '域名超出额度。', + ], + [ + 'code' => 'DomainRepeat', + 'message' => '域名重复。', + 'http_code' => 400, + 'description' => '域名重复。', + ], + [ + 'code' => 'EncryptError', + 'message' => '加密错误。', + 'http_code' => 400, + 'description' => '加密错误。', + ], + [ + 'code' => 'FileValueNotMatch', + 'message' => '文件校验值不匹配。', + 'http_code' => 400, + 'description' => '文件校验值不匹配。', + ], + [ + 'code' => 'FileValueNotMatch.EndWrapCharacter', + 'message' => '文件校验值不匹配,结尾不能有换行符。', + 'http_code' => 400, + 'description' => '文件校验值不匹配,结尾不能有换行符。', + ], + [ + 'code' => 'FlowControlError', + 'message' => '超过限流QPS,请稍后重试。', + 'http_code' => 400, + 'description' => '超过限流QPS,请稍后重试。', + ], + [ + 'code' => 'Forbidden.NoPermission', + 'message' => 'No permissions.', + 'http_code' => 403, + 'description' => '当前操作未被授权,请联系管理员授权。', + ], + [ + 'code' => 'GetDNSFailed', + 'message' => '获取DNS失败。', + 'http_code' => 400, + 'description' => '获取DNS失败。', + ], + [ + 'code' => 'GetFileValueFailed', + 'message' => '获取文件校验值失败。', + 'http_code' => 400, + 'description' => '获取文件校验值失败。', + ], + [ + 'code' => 'IncorrectFormat.%s', + 'message' => 'The %s parameter format is incorrect.', + 'http_code' => 400, + 'description' => '%s参数值格式错误。', + ], + [ + 'code' => 'InsufficientQuota', + 'message' => '额度不足。', + 'http_code' => 400, + 'description' => '额度不足。', + ], + [ + 'code' => 'InternalError', + 'message' => 'An internal error occurred. Try again later.', + 'http_code' => 400, + 'description' => '内部错误,请稍后重试。', + ], + [ + 'code' => 'InvaildParameterSource', + 'message' => 'The parameter is invalid.', + 'http_code' => 400, + 'description' => '参数无效。', + ], + [ + 'code' => 'InvalidParameter', + 'message' => '无效参数,请检查参数输入。', + 'http_code' => 400, + 'description' => '无效参数,请检查参数输入。', + ], + [ + 'code' => 'InvalidParameter.%s', + 'message' => 'Invalid parameter: %s .', + 'http_code' => 400, + 'description' => '无效参数: %s ,请检查参数内容。', + ], + [ + 'code' => 'InvalidParameter.MobileIllegal', + 'message' => '手机号非法,请输入正确手机号', + 'http_code' => 400, + 'description' => '手机号非法,请输入正确手机号', + ], + [ + 'code' => 'InvalidSource.Content.Malformed', + 'message' => 'Incorrect format.', + 'http_code' => 400, + 'description' => '格式不正确。', + ], + [ + 'code' => 'InvalidStatus.DeleteProtection', + 'message' => '当前状态不允许删除,请稍后重试。', + 'http_code' => 400, + 'description' => '当前状态不允许删除,请稍后重试。', + ], + [ + 'code' => 'InvalidStatus.UpdateProtection', + 'message' => '当前状态不允许更新,请稍后重试。', + 'http_code' => 400, + 'description' => '当前状态不允许更新,请稍后重试。', + ], + [ + 'code' => 'LimitExceeded.%s', + 'message' => 'The maximum number of %s is exceeded.', + 'http_code' => 400, + 'description' => '%s 数量超出限额。', + ], + [ + 'code' => 'MissingDocument', + 'message' => '必填文档缺失,请检查输入。', + 'http_code' => 400, + 'description' => '必填文档缺失,请检查输入。', + ], + [ + 'code' => 'MissingParameter', + 'message' => '缺失必填参数,请检查参数输入。', + 'http_code' => 400, + 'description' => '缺失必填参数,请检查参数输入。', + ], + [ + 'code' => 'MissingParameter.%s', + 'message' => '%s is required for this operation.', + 'http_code' => 400, + 'description' => '当前操作需要提供 %s 参数。请注意补充。', + ], + [ + 'code' => 'NameRepeat', + 'message' => '名称重复,请重新输入。', + 'http_code' => 400, + 'description' => '名称重复,请重新输入。', + ], + [ + 'code' => 'NameTooLongException', + 'message' => '名称太长,请重新输入。', + 'http_code' => 400, + 'description' => '名称太长,请重新输入。', + ], + [ + 'code' => 'NotExpired.DeleteProtection', + 'message' => '未过期证书不允许删除,请稍后重试。', + 'http_code' => 400, + 'description' => '未过期证书不允许删除,请稍后重试。', + ], + [ + 'code' => 'NotFound', + 'message' => 'The resource not found. Check the input parameters.', + 'http_code' => 400, + 'description' => '没有找到必要内容,请检查参数输入是否正确。', + ], + [ + 'code' => 'NotFound.%s', + 'message' => 'Resource not found: %s .', + 'http_code' => 404, + 'description' => '未找到资源: %s 。', + ], + [ + 'code' => 'NotMatch.CertificateAndPrivateKey', + 'message' => '证书和私钥不匹配,请检查输入内容。', + 'http_code' => 400, + 'description' => '证书和私钥不匹配,请检查输入内容。', + ], + [ + 'code' => 'NotMatch.CertificateChain', + 'message' => '证书链不匹配,请检查证书链内容。', + 'http_code' => 400, + 'description' => '证书链不匹配,请检查证书链内容。', + ], + [ + 'code' => 'NotMatch.CsrAndPrivateKey', + 'message' => 'CSR和私钥不匹配,请检查输入内容。', + 'http_code' => 400, + 'description' => 'CSR和私钥不匹配,请检查输入内容。', + ], + [ + 'code' => 'NotSupport.MissingPrivateKey', + 'message' => '缺失私钥,不支持当前操作。', + 'http_code' => 400, + 'description' => '缺失私钥,不支持当前操作。', + ], + [ + 'code' => 'NotSupport.ProductAlgorithm', + 'message' => '当前规格不支持指定算法。', + 'http_code' => 400, + 'description' => '当前规格不支持指定算法。', + ], + [ + 'code' => 'NotSupportAlgorithm', + 'message' => '当前操作不支持指定算法。', + 'http_code' => 400, + 'description' => '当前操作不支持指定算法。', + ], + [ + 'code' => 'OperationDenied.AlreadyReissuing', + 'message' => '已经存在重签发订单,请稍后重试。', + 'http_code' => 400, + 'description' => '已经存在重签发订单,请稍后重试。', + ], + [ + 'code' => 'OperationDenied.CSRExisted', + 'message' => 'CSR已经存在,不支持当前操作。', + 'http_code' => 400, + 'description' => 'CSR已经存在,不支持当前操作。', + ], + [ + 'code' => 'OperationDenied.CSRPrivateKeyExisted', + 'message' => 'CSR私钥已经存在,不支持当前操作。', + 'http_code' => 400, + 'description' => 'CSR私钥已经存在,不支持当前操作。', + ], + [ + 'code' => 'OperationDenied.ExistedTrusteeOrder', + 'message' => '存在托管订单,不支持当前操作。', + 'http_code' => 400, + 'description' => '存在托管订单,不支持当前操作。', + ], + [ + 'code' => 'OperationDenied.IPFormatError', + 'message' => 'IP格式错误,不支持操作。', + 'http_code' => 400, + 'description' => 'IP格式错误,不支持操作。', + ], + [ + 'code' => 'OperationDenied.IPNotSupport', + 'message' => 'IP不支持当前操作。', + 'http_code' => 400, + 'description' => 'IP不支持当前操作。', + ], + [ + 'code' => 'OperationDenied.IssuedTimeNotSupport', + 'message' => '当前签发时间内不支持当前操作。', + 'http_code' => 400, + 'description' => '当前签发时间内不支持当前操作。', + ], + [ + 'code' => 'OperationDenied.NameContainsIllegalCharacters', + 'message' => '名称包含非法字符,请检查输入内容。', + 'http_code' => 400, + 'description' => '名称包含非法字符,请检查输入内容。', + ], + [ + 'code' => 'OperationDenied.NotSameCompanyEntity', + 'message' => 'not allowed to operate.', + 'http_code' => 400, + 'description' => '不是一个公司实体,不允许操作。', + ], + [ + 'code' => 'OperationDenied.NotSupport', + 'message' => 'The resource does not support this operation.', + 'http_code' => 400, + 'description' => '当前资源不支持该操作。', + ], + [ + 'code' => 'OperationDenied.NotSupportAddWildDomain', + 'message' => '当前操作不支持泛域名。', + 'http_code' => 400, + 'description' => '当前操作不支持泛域名。', + ], + [ + 'code' => 'OperationDenied.NotSupportSM2', + 'message' => '当前操作不支持国密算法。', + 'http_code' => 400, + 'description' => '当前操作不支持国密算法。', + ], + [ + 'code' => 'OperationDenied.ProductNotSupport', + 'message' => '规格不支持。', + 'http_code' => 400, + 'description' => '规格不支持。', + ], + [ + 'code' => 'OperationDenied.RepeatedOperation', + 'message' => '重复操作,请刷新页面稍后重试。', + 'http_code' => 400, + 'description' => '重复操作,请刷新页面稍后重试。', + ], + [ + 'code' => 'OperationDenied.StatusNotSupport', + 'message' => '当前状态不支持当前操作。', + 'http_code' => 400, + 'description' => '当前状态不支持当前操作。', + ], + [ + 'code' => 'OperationDenied.SystemUpgrading', + 'message' => 'The operation failed because the system is under maintenance.', + 'http_code' => 400, + 'description' => '系统正在维护中,暂不支持该操作,请稍后重试。', + ], + [ + 'code' => 'OperationDenied.TypeNotSupport', + 'message' => '该类型不支持当前操作。', + 'http_code' => 400, + 'description' => '该类型不支持当前操作。', + ], + [ + 'code' => 'OrderExpired', + 'message' => 'Order is Expired.', + 'http_code' => 400, + 'description' => '订单已过期', + ], + [ + 'code' => 'ParamRepeat', + 'message' => 'A specified parameter value already exists.', + 'http_code' => 400, + 'description' => '入参和后端已有数据重复,不允许数据重复保存。', + ], + [ + 'code' => 'ParamRepeat', + 'message' => 'The input parameter and the backend have duplicate data, and duplicate data storage is not allowed.', + 'http_code' => 400, + 'description' => '入参和后端已有数据重复,不允许数据重复保存。', + ], + [ + 'code' => 'ParseCertificateFailed', + 'message' => '解析证书失败,请检查证书内容。', + 'http_code' => 400, + 'description' => '解析证书失败,请检查证书内容。', + ], + [ + 'code' => 'ParsePrivateKeyFailed', + 'message' => '解析私钥失败,请检查私钥内容。', + 'http_code' => 400, + 'description' => '解析私钥失败,请检查私钥内容。', + ], + [ + 'code' => 'PermissionDenied', + 'message' => '没有权限。', + 'http_code' => 400, + 'description' => '没有权限。', + ], + [ + 'code' => 'PrivateKeyFormatException', + 'message' => '私钥格式异常,请检查输入内容。', + 'http_code' => 400, + 'description' => '私钥格式异常,请检查输入内容。', + ], + [ + 'code' => 'QuotaExceeded', + 'message' => 'The resource exceeds the quota limit.', + 'http_code' => 400, + 'description' => '资源超出配额。', + ], + [ + 'code' => 'QuotaExceeded.SlbCertificate', + 'message' => 'SLB证书管理证书数量达到上限。', + 'http_code' => 400, + 'description' => 'SLB证书管理证书数量达到上限。', + ], + [ + 'code' => 'RequestsTooMany', + 'message' => '请求次数太频繁,请稍后重试。', + 'http_code' => 400, + 'description' => '请求次数太频繁,请稍后重试。', + ], + [ + 'code' => 'ResourceAlreadyAssociated', + 'message' => 'The specified resource is already associated.', + 'http_code' => 400, + 'description' => '该证书已关联到此监听上。', + ], + [ + 'code' => 'RevokeLimit', + 'message' => '超过吊销次数限制,无法吊销。', + 'http_code' => 400, + 'description' => '超过吊销次数限制,无法吊销。', + ], + [ + 'code' => 'SignError', + 'message' => '签名错误。', + 'http_code' => 400, + 'description' => '签名错误。', + ], + [ + 'code' => 'SignVerifyError', + 'message' => '签名验证错误。', + 'http_code' => 400, + 'description' => '签名验证错误。', + ], + [ + 'code' => 'UpdateConflict', + 'message' => 'The data you are trying to update has been modified by another user. Please refresh and try again.', + 'http_code' => 409, + 'description' => '您正在尝试更新的数据已被其他用户修改,请刷新后重试。', + ], + [ + 'code' => 'ValidateCsrFailed', + 'message' => '校验CSR失败,请检查输入内容。', + 'http_code' => 400, + 'description' => '校验CSR失败,请检查输入内容。', + ], + [ + 'code' => 'WarehouseUnavailable', + 'message' => '仓库不可用。', + 'http_code' => 400, + 'description' => '仓库不可用。', + ], + [ + 'code' => 'WebHookFailed', + 'message' => 'Failed to send WebHook.', + 'http_code' => 400, + 'description' => '发送WebHook失败。', + ], + [ + 'code' => 'CertificateExpired', + 'message' => 'The certificate has expired, please purchase a new certificate.', + 'http_code' => 400, + 'description' => '证书已经过期,请购买新证书.', + ], + ], + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateServerCertificate', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DeleteClientCertificate', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCACertificateCount', + ], + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'GetCAInstanceStatus', + ], + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListRevokeCertificate', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeClientCertificate', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateServerCertificateWithCsr', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateCustomCertificate', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'ListClientCertificate', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UploadPcaCertToCas', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeClientCertificateStatus', + ], + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateRootCACertificate', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateClientCertificateWithCsr', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateRevokeClientCertificate', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateClientCertificate', + ], + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'CreateSubCACertificate', + ], + [ + 'threshold' => '1000', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCACertificate', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCertificatePrivateKey', + ], + [ + 'threshold' => '100', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'DescribeCACertificateList', + ], + [ + 'threshold' => '10', + 'countWindow' => 1, + 'regionId' => '*', + 'api' => 'UpdateCACertificateStatus', + ], + ], + ], + 'ram' => [ + 'productCode' => 'SSLCertificatesService', + 'productName' => '数字证书管理服务(原SSL证书)', + 'ramCodes' => [ + 'yundun-cert', + ], + 'ramLevel' => '操作级', + 'ramConditions' => [ + [ + 'name' => 'acs:ResourceGroupId', + 'schema' => [ + 'type' => 'String', + 'description' => '资源组权限', + ], + ], + ], + 'ramActions' => [ + [ + 'apiName' => 'AssignCertificateCount', + 'description' => '分配证书数量', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:AssignCertificateCount', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeCACertificateCount', + 'description' => '查询已创建的CA证书的数量', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCACertificateCount', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'UntagResources', + 'description' => '移除指定资源(SSL证书实例)的标签', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:UntagResources', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateServerCertificateWithCsr', + 'description' => '基于自定义的CSR签发单个服务端证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateServerCertificateWithCsr', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateSubCACertificate', + 'description' => '创建子CA证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateSubCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DeleteClientCertificate', + 'description' => '删除证书', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-cert:DeleteClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateClientCertificateWithCsr', + 'description' => '基于自定义的CSR签发单个客户端证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateClientCertificateWithCsr', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListCACertificateLog', + 'description' => '查询CA证书的操作日志', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListCACertificateLog', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'UpdatePcaCertificate', + 'description' => '更新PCA资源属性', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:UpdatePcaCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListAllEndEntityInstance', + 'description' => '获取可分配证书的终端CA', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListAllEndEntityInstance', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeClientCertificateStatusForSerialNumber', + 'description' => 'DescribeClientCertificateStatusForSerialNumber', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificateStatusForSerialNumber', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateCustomCertificate', + 'description' => '颁发自定义证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateCustomCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeCACertificate', + 'description' => '查询单个根CA证书或子CA证书的详细信息', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeCertificatePrivateKey', + 'description' => '查询证书的私钥', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCertificatePrivateKey', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'UpdateCACertificateStatus', + 'description' => '更新CA证书状态', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:UpdateCACertificateStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeCACertificateList', + 'description' => '查询所有根CA证书和子CA证书的信息', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeCACertificateList', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListClientCertificate', + 'description' => '查询证书列表', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeClientCertificateForSerialNumber', + 'description' => 'DescribeClientCertificateForSerialNumber', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificateForSerialNumber', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeClientCertificateStatus', + 'description' => '查询证书的状态信息', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificateStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListPcaCaCertificate', + 'description' => '获取私有CA列表', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListPcaCaCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateServerCertificate', + 'description' => '基于系统自动生成的CSR签发单个服务端证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateServerCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListCert', + 'description' => '查询CA签发的证书列表', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribePcaAndExternalCACertificateList', + 'description' => '获取ipa证书列表', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribePcaAndExternalCACertificateList', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'DescribeClientCertificate', + 'description' => '查询证书详细信息', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:DescribeClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'UploadPcaCertToCas', + 'description' => '同步私有证书到证书服务', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:UploadPcaCertToCas', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateExternalCACertificate', + 'description' => '创建外部子CA证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateExternalCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'MoveResourceGroup', + 'description' => '删除资源组', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:MoveResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListRevokeCertificate', + 'description' => '查询吊销证书列表', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListRevokeCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'TagResources', + 'description' => '为指定资源(SSL证书实例)绑定标签', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-cert:TagResources', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'GetCAInstanceStatus', + 'description' => '查询CA实例的状态信息', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-cert:GetCAInstanceStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateRootCACertificate', + 'description' => '创建根CA证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateRootCACertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateRevokeClientCertificate', + 'description' => '吊销证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateRevokeClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'CreateClientCertificate', + 'description' => '基于系统自动生成的CSR签发单个客户端证书', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-cert:CreateClientCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + [ + 'apiName' => 'ListTagResources', + 'description' => '查询资源和标签关系', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-cert:ListTagResources', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + [ + 'validationType' => 'always', + 'product' => 'SSLCertificatesService', + 'resourceType' => '全部资源', + 'arn' => '*', + ], + ], + ], + ], + ], + 'resourceTypes' => [], + ], +]; |