tls.getCertificate

Explore with Pulumi AI

TLS v5.2.0 published on Thursday, Apr 24, 2025 by Pulumi

Using getCertificate

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getCertificate(args: GetCertificateArgs, opts?: InvokeOptions): Promise<GetCertificateResult>
function getCertificateOutput(args: GetCertificateOutputArgs, opts?: InvokeOptions): Output<GetCertificateResult>

def get_certificate(content: Optional[str] = None,
                    url: Optional[str] = None,
                    verify_chain: Optional[bool] = None,
                    opts: Optional[InvokeOptions] = None) -> GetCertificateResult
def get_certificate_output(content: Optional[pulumi.Input[str]] = None,
                    url: Optional[pulumi.Input[str]] = None,
                    verify_chain: Optional[pulumi.Input[bool]] = None,
                    opts: Optional[InvokeOptions] = None) -> Output[GetCertificateResult]

func GetCertificate(ctx *Context, args *GetCertificateArgs, opts ...InvokeOption) (*GetCertificateResult, error)
func GetCertificateOutput(ctx *Context, args *GetCertificateOutputArgs, opts ...InvokeOption) GetCertificateResultOutput

> Note: This function is named GetCertificate in the Go SDK.

public static class GetCertificate 
{
    public static Task<GetCertificateResult> InvokeAsync(GetCertificateArgs args, InvokeOptions? opts = null)
    public static Output<GetCertificateResult> Invoke(GetCertificateInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetCertificateResult> getCertificate(GetCertificateArgs args, InvokeOptions options)
public static Output<GetCertificateResult> getCertificate(GetCertificateArgs args, InvokeOptions options)

fn::invoke:
  function: tls:index/getCertificate:getCertificate
  arguments:
    # arguments dictionary

The following arguments are supported:

Content string: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
Url string: The URL of the website to get the certificates from. Cannot be used with content.
VerifyChain bool: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

Content string: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
Url string: The URL of the website to get the certificates from. Cannot be used with content.
VerifyChain bool: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

content String: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url String: The URL of the website to get the certificates from. Cannot be used with content.
verifyChain Boolean: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

content string: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url string: The URL of the website to get the certificates from. Cannot be used with content.
verifyChain boolean: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

content str: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url str: The URL of the website to get the certificates from. Cannot be used with content.
verify_chain bool: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

content String: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url String: The URL of the website to get the certificates from. Cannot be used with content.
verifyChain Boolean: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

getCertificate Result

The following output properties are available:

Certificates List<GetCertificateCertificate>: The certificates protecting the site, with the root of the chain first.
Id string: Unique identifier of this data source: hashing of the certificates in the chain.
Content string: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
Url string: The URL of the website to get the certificates from. Cannot be used with content.
VerifyChain bool: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

Certificates []GetCertificateCertificate: The certificates protecting the site, with the root of the chain first.
Id string: Unique identifier of this data source: hashing of the certificates in the chain.
Content string: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
Url string: The URL of the website to get the certificates from. Cannot be used with content.
VerifyChain bool: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

certificates List<GetCertificateCertificate>: The certificates protecting the site, with the root of the chain first.
id String: Unique identifier of this data source: hashing of the certificates in the chain.
content String: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url String: The URL of the website to get the certificates from. Cannot be used with content.
verifyChain Boolean: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

certificates GetCertificateCertificate[]: The certificates protecting the site, with the root of the chain first.
id string: Unique identifier of this data source: hashing of the certificates in the chain.
content string: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url string: The URL of the website to get the certificates from. Cannot be used with content.
verifyChain boolean: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

certificates Sequence[GetCertificateCertificate]: The certificates protecting the site, with the root of the chain first.
id str: Unique identifier of this data source: hashing of the certificates in the chain.
content str: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url str: The URL of the website to get the certificates from. Cannot be used with content.
verify_chain bool: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

certificates List<Property Map>: The certificates protecting the site, with the root of the chain first.
id String: Unique identifier of this data source: hashing of the certificates in the chain.
content String: The content of the certificate in PEM (RFC 1421) format. Cannot be used with url.
url String: The URL of the website to get the certificates from. Cannot be used with content.
verifyChain Boolean: Whether to verify the certificate chain while parsing it or not (default: true). Cannot be used with content.

Supporting Types

GetCertificateCertificate

CertPem string: Certificate data in PEM (RFC 1421) format. NOTE: the underlying libraries that generate this value append a \n at the end of the PEM. In case this disrupts your use case, we recommend using trimspace().
IsCa bool: true if the certificate is of a CA (Certificate Authority).
Issuer string: Who verified and signed the certificate, roughly following RFC2253.
NotAfter string: The time until which the certificate is invalid, as an RFC3339 timestamp.
NotBefore string: The time after which the certificate is valid, as an RFC3339 timestamp.
PublicKeyAlgorithm string: The key algorithm used to create the certificate.
SerialNumber string: Number that uniquely identifies the certificate with the CA's system. The format function can be used to convert this base 10 number into other bases, such as hex.
Sha1Fingerprint string: The SHA1 fingerprint of the public key of the certificate.
SignatureAlgorithm string: The algorithm used to sign the certificate.
Subject string: The entity the certificate belongs to, roughly following RFC2253.
Version int: The version the certificate is in.

CertPem string: Certificate data in PEM (RFC 1421) format. NOTE: the underlying libraries that generate this value append a \n at the end of the PEM. In case this disrupts your use case, we recommend using trimspace().
IsCa bool: true if the certificate is of a CA (Certificate Authority).
Issuer string: Who verified and signed the certificate, roughly following RFC2253.
NotAfter string: The time until which the certificate is invalid, as an RFC3339 timestamp.
NotBefore string: The time after which the certificate is valid, as an RFC3339 timestamp.
PublicKeyAlgorithm string: The key algorithm used to create the certificate.
SerialNumber string: Number that uniquely identifies the certificate with the CA's system. The format function can be used to convert this base 10 number into other bases, such as hex.
Sha1Fingerprint string: The SHA1 fingerprint of the public key of the certificate.
SignatureAlgorithm string: The algorithm used to sign the certificate.
Subject string: The entity the certificate belongs to, roughly following RFC2253.
Version int: The version the certificate is in.

certPem String: Certificate data in PEM (RFC 1421) format. NOTE: the underlying libraries that generate this value append a \n at the end of the PEM. In case this disrupts your use case, we recommend using trimspace().
isCa Boolean: true if the certificate is of a CA (Certificate Authority).
issuer String: Who verified and signed the certificate, roughly following RFC2253.
notAfter String: The time until which the certificate is invalid, as an RFC3339 timestamp.
notBefore String: The time after which the certificate is valid, as an RFC3339 timestamp.
publicKeyAlgorithm String: The key algorithm used to create the certificate.
serialNumber String: Number that uniquely identifies the certificate with the CA's system. The format function can be used to convert this base 10 number into other bases, such as hex.
sha1Fingerprint String: The SHA1 fingerprint of the public key of the certificate.
signatureAlgorithm String: The algorithm used to sign the certificate.
subject String: The entity the certificate belongs to, roughly following RFC2253.
version Integer: The version the certificate is in.

certPem string: Certificate data in PEM (RFC 1421) format. NOTE: the underlying libraries that generate this value append a \n at the end of the PEM. In case this disrupts your use case, we recommend using trimspace().
isCa boolean: true if the certificate is of a CA (Certificate Authority).
issuer string: Who verified and signed the certificate, roughly following RFC2253.
notAfter string: The time until which the certificate is invalid, as an RFC3339 timestamp.
notBefore string: The time after which the certificate is valid, as an RFC3339 timestamp.
publicKeyAlgorithm string: The key algorithm used to create the certificate.
serialNumber string: Number that uniquely identifies the certificate with the CA's system. The format function can be used to convert this base 10 number into other bases, such as hex.
sha1Fingerprint string: The SHA1 fingerprint of the public key of the certificate.
signatureAlgorithm string: The algorithm used to sign the certificate.
subject string: The entity the certificate belongs to, roughly following RFC2253.
version number: The version the certificate is in.

cert_pem str: Certificate data in PEM (RFC 1421) format. NOTE: the underlying libraries that generate this value append a \n at the end of the PEM. In case this disrupts your use case, we recommend using trimspace().
is_ca bool: true if the certificate is of a CA (Certificate Authority).
issuer str: Who verified and signed the certificate, roughly following RFC2253.
not_after str: The time until which the certificate is invalid, as an RFC3339 timestamp.
not_before str: The time after which the certificate is valid, as an RFC3339 timestamp.
public_key_algorithm str: The key algorithm used to create the certificate.
serial_number str: Number that uniquely identifies the certificate with the CA's system. The format function can be used to convert this base 10 number into other bases, such as hex.
sha1_fingerprint str: The SHA1 fingerprint of the public key of the certificate.
signature_algorithm str: The algorithm used to sign the certificate.
subject str: The entity the certificate belongs to, roughly following RFC2253.
version int: The version the certificate is in.

certPem String: Certificate data in PEM (RFC 1421) format. NOTE: the underlying libraries that generate this value append a \n at the end of the PEM. In case this disrupts your use case, we recommend using trimspace().
isCa Boolean: true if the certificate is of a CA (Certificate Authority).
issuer String: Who verified and signed the certificate, roughly following RFC2253.
notAfter String: The time until which the certificate is invalid, as an RFC3339 timestamp.
notBefore String: The time after which the certificate is valid, as an RFC3339 timestamp.
publicKeyAlgorithm String: The key algorithm used to create the certificate.
serialNumber String: Number that uniquely identifies the certificate with the CA's system. The format function can be used to convert this base 10 number into other bases, such as hex.
sha1Fingerprint String: The SHA1 fingerprint of the public key of the certificate.
signatureAlgorithm String: The algorithm used to sign the certificate.
subject String: The entity the certificate belongs to, roughly following RFC2253.
version Number: The version the certificate is in.

Package Details

Repository: TLS pulumi/pulumi-tls
License: Apache-2.0
Notes: This Pulumi package is based on the tls Terraform Provider.

TLS v5.2.0 published on Thursday, Apr 24, 2025 by Pulumi

pulumi/pulumi-tls

tls.getCertificate

On this page

On this page

Using getCertificate

getCertificate Result

Supporting Types

GetCertificateCertificate

Package Details

On this page

On this page