Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Waas
  5. Certificate
Oracle Cloud Infrastructure v2.30.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-oci

oci.Waas.Certificate

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.30.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-oci

This resource provides the Certificate resource in Oracle Cloud Infrastructure Web Application Acceleration and Security service.

Allows an SSL certificate to be added to a WAAS policy. The Web Application Firewall terminates SSL connections to inspect requests in runtime, and then re-encrypts requests before sending them to the origin for fulfillment.

For more information, see WAF Settings.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testCertificate = new oci.waas.Certificate("test_certificate", {
    certificateData: certificateCertificateData,
    compartmentId: compartmentId,
    privateKeyData: certificatePrivateKeyData,
    definedTags: {
        "Operations.CostCenter": "42",
    },
    displayName: certificateDisplayName,
    freeformTags: {
        Department: "Finance",
    },
    isTrustVerificationDisabled: certificateIsTrustVerificationDisabled,
});
Copy
import pulumi
import pulumi_oci as oci

test_certificate = oci.waas.Certificate("test_certificate",
    certificate_data=certificate_certificate_data,
    compartment_id=compartment_id,
    private_key_data=certificate_private_key_data,
    defined_tags={
        "Operations.CostCenter": "42",
    },
    display_name=certificate_display_name,
    freeform_tags={
        "Department": "Finance",
    },
    is_trust_verification_disabled=certificate_is_trust_verification_disabled)
Copy
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/waas"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := waas.NewCertificate(ctx, "test_certificate", &waas.CertificateArgs{
			CertificateData: pulumi.Any(certificateCertificateData),
			CompartmentId:   pulumi.Any(compartmentId),
			PrivateKeyData:  pulumi.Any(certificatePrivateKeyData),
			DefinedTags: pulumi.StringMap{
				"Operations.CostCenter": pulumi.String("42"),
			},
			DisplayName: pulumi.Any(certificateDisplayName),
			FreeformTags: pulumi.StringMap{
				"Department": pulumi.String("Finance"),
			},
			IsTrustVerificationDisabled: pulumi.Any(certificateIsTrustVerificationDisabled),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testCertificate = new Oci.Waas.Certificate("test_certificate", new()
    {
        CertificateData = certificateCertificateData,
        CompartmentId = compartmentId,
        PrivateKeyData = certificatePrivateKeyData,
        DefinedTags = 
        {
            { "Operations.CostCenter", "42" },
        },
        DisplayName = certificateDisplayName,
        FreeformTags = 
        {
            { "Department", "Finance" },
        },
        IsTrustVerificationDisabled = certificateIsTrustVerificationDisabled,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Waas.Certificate;
import com.pulumi.oci.Waas.CertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testCertificate = new Certificate("testCertificate", CertificateArgs.builder()
            .certificateData(certificateCertificateData)
            .compartmentId(compartmentId)
            .privateKeyData(certificatePrivateKeyData)
            .definedTags(Map.of("Operations.CostCenter", "42"))
            .displayName(certificateDisplayName)
            .freeformTags(Map.of("Department", "Finance"))
            .isTrustVerificationDisabled(certificateIsTrustVerificationDisabled)
            .build());

    }
}
Copy
resources:
  testCertificate:
    type: oci:Waas:Certificate
    name: test_certificate
    properties:
      certificateData: ${certificateCertificateData}
      compartmentId: ${compartmentId}
      privateKeyData: ${certificatePrivateKeyData}
      definedTags:
        Operations.CostCenter: '42'
      displayName: ${certificateDisplayName}
      freeformTags:
        Department: Finance
      isTrustVerificationDisabled: ${certificateIsTrustVerificationDisabled}
Copy

Create Certificate Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Certificate(name: string, args: CertificateArgs, opts?: CustomResourceOptions);
@overload
def Certificate(resource_name: str,
                args: CertificateArgs,
                opts: Optional[ResourceOptions] = None)

@overload
def Certificate(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                certificate_data: Optional[str] = None,
                compartment_id: Optional[str] = None,
                private_key_data: Optional[str] = None,
                defined_tags: Optional[Mapping[str, str]] = None,
                display_name: Optional[str] = None,
                freeform_tags: Optional[Mapping[str, str]] = None,
                is_trust_verification_disabled: Optional[bool] = None)
func NewCertificate(ctx *Context, name string, args CertificateArgs, opts ...ResourceOption) (*Certificate, error)
public Certificate(string name, CertificateArgs args, CustomResourceOptions? opts = null)
public Certificate(String name, CertificateArgs args)
public Certificate(String name, CertificateArgs args, CustomResourceOptions options)

type: oci:Waas:Certificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. CertificateArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. CertificateArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. CertificateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. CertificateArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var examplecertificateResourceResourceFromWaascertificate = new Oci.Waas.Certificate("examplecertificateResourceResourceFromWaascertificate", new()
{
    CertificateData = "string",
    CompartmentId = "string",
    PrivateKeyData = "string",
    DefinedTags = 
    {
        { "string", "string" },
    },
    DisplayName = "string",
    FreeformTags = 
    {
        { "string", "string" },
    },
    IsTrustVerificationDisabled = false,
});
Copy
example, err := Waas.NewCertificate(ctx, "examplecertificateResourceResourceFromWaascertificate", &Waas.CertificateArgs{
	CertificateData: pulumi.String("string"),
	CompartmentId:   pulumi.String("string"),
	PrivateKeyData:  pulumi.String("string"),
	DefinedTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	DisplayName: pulumi.String("string"),
	FreeformTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	IsTrustVerificationDisabled: pulumi.Bool(false),
})
Copy
var examplecertificateResourceResourceFromWaascertificate = new Certificate("examplecertificateResourceResourceFromWaascertificate", CertificateArgs.builder()
    .certificateData("string")
    .compartmentId("string")
    .privateKeyData("string")
    .definedTags(Map.of("string", "string"))
    .displayName("string")
    .freeformTags(Map.of("string", "string"))
    .isTrustVerificationDisabled(false)
    .build());
Copy
examplecertificate_resource_resource_from_waascertificate = oci.waas.Certificate("examplecertificateResourceResourceFromWaascertificate",
    certificate_data="string",
    compartment_id="string",
    private_key_data="string",
    defined_tags={
        "string": "string",
    },
    display_name="string",
    freeform_tags={
        "string": "string",
    },
    is_trust_verification_disabled=False)
Copy
const examplecertificateResourceResourceFromWaascertificate = new oci.waas.Certificate("examplecertificateResourceResourceFromWaascertificate", {
    certificateData: "string",
    compartmentId: "string",
    privateKeyData: "string",
    definedTags: {
        string: "string",
    },
    displayName: "string",
    freeformTags: {
        string: "string",
    },
    isTrustVerificationDisabled: false,
});
Copy
type: oci:Waas:Certificate
properties:
    certificateData: string
    compartmentId: string
    definedTags:
        string: string
    displayName: string
    freeformTags:
        string: string
    isTrustVerificationDisabled: false
    privateKeyData: string
Copy

Certificate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Certificate resource accepts the following input properties:

CertificateData
This property is required.
Changes to this property will trigger replacement.
string

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

CompartmentId This property is required. string
(Updatable) The OCID of the compartment in which to create the SSL certificate.
PrivateKeyData
This property is required.
Changes to this property will trigger replacement.
string

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

DefinedTags Dictionary<string, string>
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
DisplayName string
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
FreeformTags Dictionary<string, string>
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
IsTrustVerificationDisabled Changes to this property will trigger replacement. bool
Set to true if the SSL certificate is self-signed.
CertificateData
This property is required.
Changes to this property will trigger replacement.
string

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

CompartmentId This property is required. string
(Updatable) The OCID of the compartment in which to create the SSL certificate.
PrivateKeyData
This property is required.
Changes to this property will trigger replacement.
string

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

DefinedTags map[string]string
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
DisplayName string
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
FreeformTags map[string]string
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
IsTrustVerificationDisabled Changes to this property will trigger replacement. bool
Set to true if the SSL certificate is self-signed.
certificateData
This property is required.
Changes to this property will trigger replacement.
String

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartmentId This property is required. String
(Updatable) The OCID of the compartment in which to create the SSL certificate.
privateKeyData
This property is required.
Changes to this property will trigger replacement.
String

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

definedTags Map<String,String>
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
displayName String
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
freeformTags Map<String,String>
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
isTrustVerificationDisabled Changes to this property will trigger replacement. Boolean
Set to true if the SSL certificate is self-signed.
certificateData
This property is required.
Changes to this property will trigger replacement.
string

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartmentId This property is required. string
(Updatable) The OCID of the compartment in which to create the SSL certificate.
privateKeyData
This property is required.
Changes to this property will trigger replacement.
string

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

definedTags {[key: string]: string}
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
displayName string
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
freeformTags {[key: string]: string}
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
isTrustVerificationDisabled Changes to this property will trigger replacement. boolean
Set to true if the SSL certificate is self-signed.
certificate_data
This property is required.
Changes to this property will trigger replacement.
str

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartment_id This property is required. str
(Updatable) The OCID of the compartment in which to create the SSL certificate.
private_key_data
This property is required.
Changes to this property will trigger replacement.
str

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

defined_tags Mapping[str, str]
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
display_name str
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
freeform_tags Mapping[str, str]
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
is_trust_verification_disabled Changes to this property will trigger replacement. bool
Set to true if the SSL certificate is self-signed.
certificateData
This property is required.
Changes to this property will trigger replacement.
String

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartmentId This property is required. String
(Updatable) The OCID of the compartment in which to create the SSL certificate.
privateKeyData
This property is required.
Changes to this property will trigger replacement.
String

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

definedTags Map<String>
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
displayName String
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
freeformTags Map<String>
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
isTrustVerificationDisabled Changes to this property will trigger replacement. Boolean
Set to true if the SSL certificate is self-signed.

Outputs

All input properties are implicitly available as output properties. Additionally, the Certificate resource produces the following output properties:

Extensions List<CertificateExtension>
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
Id string
The provider-assigned unique ID for this managed resource.
IssuedBy string
IssuerNames List<CertificateIssuerName>
The issuer of the certificate.
PublicKeyInfos List<CertificatePublicKeyInfo>
Information about the public key and the algorithm used by the public key.
SerialNumber string
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
SignatureAlgorithm string
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
State string
The current lifecycle state of the SSL certificate.
SubjectNames List<CertificateSubjectName>
The entity to be secured by the certificate.
TimeCreated string
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
TimeNotValidAfter string
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
TimeNotValidBefore string
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
Version int
The version of the encoded certificate.
Extensions []CertificateExtension
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
Id string
The provider-assigned unique ID for this managed resource.
IssuedBy string
IssuerNames []CertificateIssuerName
The issuer of the certificate.
PublicKeyInfos []CertificatePublicKeyInfo
Information about the public key and the algorithm used by the public key.
SerialNumber string
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
SignatureAlgorithm string
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
State string
The current lifecycle state of the SSL certificate.
SubjectNames []CertificateSubjectName
The entity to be secured by the certificate.
TimeCreated string
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
TimeNotValidAfter string
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
TimeNotValidBefore string
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
Version int
The version of the encoded certificate.
extensions List<CertificateExtension>
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
id String
The provider-assigned unique ID for this managed resource.
issuedBy String
issuerNames List<CertificateIssuerName>
The issuer of the certificate.
publicKeyInfos List<CertificatePublicKeyInfo>
Information about the public key and the algorithm used by the public key.
serialNumber String
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signatureAlgorithm String
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state String
The current lifecycle state of the SSL certificate.
subjectNames List<CertificateSubjectName>
The entity to be secured by the certificate.
timeCreated String
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
timeNotValidAfter String
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
timeNotValidBefore String
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version Integer
The version of the encoded certificate.
extensions CertificateExtension[]
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
id string
The provider-assigned unique ID for this managed resource.
issuedBy string
issuerNames CertificateIssuerName[]
The issuer of the certificate.
publicKeyInfos CertificatePublicKeyInfo[]
Information about the public key and the algorithm used by the public key.
serialNumber string
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signatureAlgorithm string
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state string
The current lifecycle state of the SSL certificate.
subjectNames CertificateSubjectName[]
The entity to be secured by the certificate.
timeCreated string
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
timeNotValidAfter string
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
timeNotValidBefore string
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version number
The version of the encoded certificate.
extensions Sequence[waas.CertificateExtension]
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
id str
The provider-assigned unique ID for this managed resource.
issued_by str
issuer_names Sequence[waas.CertificateIssuerName]
The issuer of the certificate.
public_key_infos Sequence[waas.CertificatePublicKeyInfo]
Information about the public key and the algorithm used by the public key.
serial_number str
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signature_algorithm str
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state str
The current lifecycle state of the SSL certificate.
subject_names Sequence[waas.CertificateSubjectName]
The entity to be secured by the certificate.
time_created str
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
time_not_valid_after str
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
time_not_valid_before str
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version int
The version of the encoded certificate.
extensions List<Property Map>
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
id String
The provider-assigned unique ID for this managed resource.
issuedBy String
issuerNames List<Property Map>
The issuer of the certificate.
publicKeyInfos List<Property Map>
Information about the public key and the algorithm used by the public key.
serialNumber String
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signatureAlgorithm String
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state String
The current lifecycle state of the SSL certificate.
subjectNames List<Property Map>
The entity to be secured by the certificate.
timeCreated String
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
timeNotValidAfter String
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
timeNotValidBefore String
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version Number
The version of the encoded certificate.

Look up Existing Certificate Resource

Get an existing Certificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CertificateState, opts?: CustomResourceOptions): Certificate
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        certificate_data: Optional[str] = None,
        compartment_id: Optional[str] = None,
        defined_tags: Optional[Mapping[str, str]] = None,
        display_name: Optional[str] = None,
        extensions: Optional[Sequence[_waas.CertificateExtensionArgs]] = None,
        freeform_tags: Optional[Mapping[str, str]] = None,
        is_trust_verification_disabled: Optional[bool] = None,
        issued_by: Optional[str] = None,
        issuer_names: Optional[Sequence[_waas.CertificateIssuerNameArgs]] = None,
        private_key_data: Optional[str] = None,
        public_key_infos: Optional[Sequence[_waas.CertificatePublicKeyInfoArgs]] = None,
        serial_number: Optional[str] = None,
        signature_algorithm: Optional[str] = None,
        state: Optional[str] = None,
        subject_names: Optional[Sequence[_waas.CertificateSubjectNameArgs]] = None,
        time_created: Optional[str] = None,
        time_not_valid_after: Optional[str] = None,
        time_not_valid_before: Optional[str] = None,
        version: Optional[int] = None) -> Certificate
func GetCertificate(ctx *Context, name string, id IDInput, state *CertificateState, opts ...ResourceOption) (*Certificate, error)
public static Certificate Get(string name, Input<string> id, CertificateState? state, CustomResourceOptions? opts = null)
public static Certificate get(String name, Output<String> id, CertificateState state, CustomResourceOptions options)
resources:  _:    type: oci:Waas:Certificate    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
CertificateData Changes to this property will trigger replacement. string

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

CompartmentId string
(Updatable) The OCID of the compartment in which to create the SSL certificate.
DefinedTags Dictionary<string, string>
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
DisplayName string
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
Extensions List<CertificateExtension>
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
FreeformTags Dictionary<string, string>
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
IsTrustVerificationDisabled Changes to this property will trigger replacement. bool
Set to true if the SSL certificate is self-signed.
IssuedBy string
IssuerNames List<CertificateIssuerName>
The issuer of the certificate.
PrivateKeyData Changes to this property will trigger replacement. string

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

PublicKeyInfos List<CertificatePublicKeyInfo>
Information about the public key and the algorithm used by the public key.
SerialNumber string
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
SignatureAlgorithm string
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
State string
The current lifecycle state of the SSL certificate.
SubjectNames List<CertificateSubjectName>
The entity to be secured by the certificate.
TimeCreated string
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
TimeNotValidAfter string
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
TimeNotValidBefore string
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
Version int
The version of the encoded certificate.
CertificateData Changes to this property will trigger replacement. string

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

CompartmentId string
(Updatable) The OCID of the compartment in which to create the SSL certificate.
DefinedTags map[string]string
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
DisplayName string
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
Extensions []CertificateExtensionArgs
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
FreeformTags map[string]string
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
IsTrustVerificationDisabled Changes to this property will trigger replacement. bool
Set to true if the SSL certificate is self-signed.
IssuedBy string
IssuerNames []CertificateIssuerNameArgs
The issuer of the certificate.
PrivateKeyData Changes to this property will trigger replacement. string

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

PublicKeyInfos []CertificatePublicKeyInfoArgs
Information about the public key and the algorithm used by the public key.
SerialNumber string
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
SignatureAlgorithm string
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
State string
The current lifecycle state of the SSL certificate.
SubjectNames []CertificateSubjectNameArgs
The entity to be secured by the certificate.
TimeCreated string
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
TimeNotValidAfter string
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
TimeNotValidBefore string
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
Version int
The version of the encoded certificate.
certificateData Changes to this property will trigger replacement. String

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartmentId String
(Updatable) The OCID of the compartment in which to create the SSL certificate.
definedTags Map<String,String>
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
displayName String
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
extensions List<CertificateExtension>
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
freeformTags Map<String,String>
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
isTrustVerificationDisabled Changes to this property will trigger replacement. Boolean
Set to true if the SSL certificate is self-signed.
issuedBy String
issuerNames List<CertificateIssuerName>
The issuer of the certificate.
privateKeyData Changes to this property will trigger replacement. String

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

publicKeyInfos List<CertificatePublicKeyInfo>
Information about the public key and the algorithm used by the public key.
serialNumber String
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signatureAlgorithm String
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state String
The current lifecycle state of the SSL certificate.
subjectNames List<CertificateSubjectName>
The entity to be secured by the certificate.
timeCreated String
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
timeNotValidAfter String
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
timeNotValidBefore String
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version Integer
The version of the encoded certificate.
certificateData Changes to this property will trigger replacement. string

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartmentId string
(Updatable) The OCID of the compartment in which to create the SSL certificate.
definedTags {[key: string]: string}
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
displayName string
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
extensions CertificateExtension[]
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
freeformTags {[key: string]: string}
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
isTrustVerificationDisabled Changes to this property will trigger replacement. boolean
Set to true if the SSL certificate is self-signed.
issuedBy string
issuerNames CertificateIssuerName[]
The issuer of the certificate.
privateKeyData Changes to this property will trigger replacement. string

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

publicKeyInfos CertificatePublicKeyInfo[]
Information about the public key and the algorithm used by the public key.
serialNumber string
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signatureAlgorithm string
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state string
The current lifecycle state of the SSL certificate.
subjectNames CertificateSubjectName[]
The entity to be secured by the certificate.
timeCreated string
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
timeNotValidAfter string
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
timeNotValidBefore string
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version number
The version of the encoded certificate.
certificate_data Changes to this property will trigger replacement. str

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartment_id str
(Updatable) The OCID of the compartment in which to create the SSL certificate.
defined_tags Mapping[str, str]
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
display_name str
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
extensions Sequence[waas.CertificateExtensionArgs]
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
freeform_tags Mapping[str, str]
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
is_trust_verification_disabled Changes to this property will trigger replacement. bool
Set to true if the SSL certificate is self-signed.
issued_by str
issuer_names Sequence[waas.CertificateIssuerNameArgs]
The issuer of the certificate.
private_key_data Changes to this property will trigger replacement. str

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

public_key_infos Sequence[waas.CertificatePublicKeyInfoArgs]
Information about the public key and the algorithm used by the public key.
serial_number str
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signature_algorithm str
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state str
The current lifecycle state of the SSL certificate.
subject_names Sequence[waas.CertificateSubjectNameArgs]
The entity to be secured by the certificate.
time_created str
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
time_not_valid_after str
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
time_not_valid_before str
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version int
The version of the encoded certificate.
certificateData Changes to this property will trigger replacement. String

The data of the SSL certificate.

Note: Many SSL certificate providers require an intermediate certificate chain to ensure a trusted status. If your SSL certificate requires an intermediate certificate chain, please append the intermediate certificate key in the certificateData field after the leaf certificate issued by the SSL certificate provider. If you are unsure if your certificate requires an intermediate certificate chain, see your certificate provider's documentation.

The example below shows an intermediate certificate appended to a leaf certificate.

compartmentId String
(Updatable) The OCID of the compartment in which to create the SSL certificate.
definedTags Map<String>
(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags. Example: {"Operations.CostCenter": "42"}
displayName String
(Updatable) A user-friendly name for the SSL certificate. The name can be changed and does not need to be unique.
extensions List<Property Map>
Additional attributes associated with users or public keys for managing relationships between Certificate Authorities.
freeformTags Map<String>
(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags. Example: {"Department": "Finance"}
isTrustVerificationDisabled Changes to this property will trigger replacement. Boolean
Set to true if the SSL certificate is self-signed.
issuedBy String
issuerNames List<Property Map>
The issuer of the certificate.
privateKeyData Changes to this property will trigger replacement. String

The private key of the SSL certificate.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

publicKeyInfos List<Property Map>
Information about the public key and the algorithm used by the public key.
serialNumber String
A unique, positive integer assigned by the Certificate Authority (CA). The issuer name and serial number identify a unique certificate.
signatureAlgorithm String
The identifier for the cryptographic algorithm used by the Certificate Authority (CA) to sign this certificate.
state String
The current lifecycle state of the SSL certificate.
subjectNames List<Property Map>
The entity to be secured by the certificate.
timeCreated String
The date and time the certificate was created, expressed in RFC 3339 timestamp format.
timeNotValidAfter String
The date and time the certificate will expire, expressed in RFC 3339 timestamp format.
timeNotValidBefore String
The date and time the certificate will become valid, expressed in RFC 3339 timestamp format.
version Number
The version of the encoded certificate.

Supporting Types

CertificateExtension
, CertificateExtensionArgs

IsCritical bool
The critical flag of the extension. Critical extensions must be processed, non-critical extensions can be ignored.
Name string
The certificate extension name.
Value string
The certificate extension value.
IsCritical bool
The critical flag of the extension. Critical extensions must be processed, non-critical extensions can be ignored.
Name string
The certificate extension name.
Value string
The certificate extension value.
isCritical Boolean
The critical flag of the extension. Critical extensions must be processed, non-critical extensions can be ignored.
name String
The certificate extension name.
value String
The certificate extension value.
isCritical boolean
The critical flag of the extension. Critical extensions must be processed, non-critical extensions can be ignored.
name string
The certificate extension name.
value string
The certificate extension value.
is_critical bool
The critical flag of the extension. Critical extensions must be processed, non-critical extensions can be ignored.
name str
The certificate extension name.
value str
The certificate extension value.
isCritical Boolean
The critical flag of the extension. Critical extensions must be processed, non-critical extensions can be ignored.
name String
The certificate extension name.
value String
The certificate extension value.

CertificateIssuerName
, CertificateIssuerNameArgs

CommonName string
The fully qualified domain name used for DNS lookups of the server.
Country string
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
EmailAddress string
The email address of the server's administrator.
Locality string
The city in which the organization is located.
Organization string
The organization name.
OrganizationalUnit string
The field to differentiate between divisions within an organization.
StateProvince string
The province where the organization is located.
CommonName string
The fully qualified domain name used for DNS lookups of the server.
Country string
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
EmailAddress string
The email address of the server's administrator.
Locality string
The city in which the organization is located.
Organization string
The organization name.
OrganizationalUnit string
The field to differentiate between divisions within an organization.
StateProvince string
The province where the organization is located.
commonName String
The fully qualified domain name used for DNS lookups of the server.
country String
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
emailAddress String
The email address of the server's administrator.
locality String
The city in which the organization is located.
organization String
The organization name.
organizationalUnit String
The field to differentiate between divisions within an organization.
stateProvince String
The province where the organization is located.
commonName string
The fully qualified domain name used for DNS lookups of the server.
country string
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
emailAddress string
The email address of the server's administrator.
locality string
The city in which the organization is located.
organization string
The organization name.
organizationalUnit string
The field to differentiate between divisions within an organization.
stateProvince string
The province where the organization is located.
common_name str
The fully qualified domain name used for DNS lookups of the server.
country str
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
email_address str
The email address of the server's administrator.
locality str
The city in which the organization is located.
organization str
The organization name.
organizational_unit str
The field to differentiate between divisions within an organization.
state_province str
The province where the organization is located.
commonName String
The fully qualified domain name used for DNS lookups of the server.
country String
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
emailAddress String
The email address of the server's administrator.
locality String
The city in which the organization is located.
organization String
The organization name.
organizationalUnit String
The field to differentiate between divisions within an organization.
stateProvince String
The province where the organization is located.

CertificatePublicKeyInfo
, CertificatePublicKeyInfoArgs

Algorithm string
The algorithm identifier and parameters for the public key.
Exponent int
The private key exponent.
KeySize int
The number of bits in a key used by a cryptographic algorithm.
Algorithm string
The algorithm identifier and parameters for the public key.
Exponent int
The private key exponent.
KeySize int
The number of bits in a key used by a cryptographic algorithm.
algorithm String
The algorithm identifier and parameters for the public key.
exponent Integer
The private key exponent.
keySize Integer
The number of bits in a key used by a cryptographic algorithm.
algorithm string
The algorithm identifier and parameters for the public key.
exponent number
The private key exponent.
keySize number
The number of bits in a key used by a cryptographic algorithm.
algorithm str
The algorithm identifier and parameters for the public key.
exponent int
The private key exponent.
key_size int
The number of bits in a key used by a cryptographic algorithm.
algorithm String
The algorithm identifier and parameters for the public key.
exponent Number
The private key exponent.
keySize Number
The number of bits in a key used by a cryptographic algorithm.

CertificateSubjectName
, CertificateSubjectNameArgs

CommonName string
The fully qualified domain name used for DNS lookups of the server.
Country string
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
EmailAddress string
The email address of the server's administrator.
Locality string
The city in which the organization is located.
Organization string
The organization name.
OrganizationalUnit string
The field to differentiate between divisions within an organization.
StateProvince string
The province where the organization is located.
CommonName string
The fully qualified domain name used for DNS lookups of the server.
Country string
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
EmailAddress string
The email address of the server's administrator.
Locality string
The city in which the organization is located.
Organization string
The organization name.
OrganizationalUnit string
The field to differentiate between divisions within an organization.
StateProvince string
The province where the organization is located.
commonName String
The fully qualified domain name used for DNS lookups of the server.
country String
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
emailAddress String
The email address of the server's administrator.
locality String
The city in which the organization is located.
organization String
The organization name.
organizationalUnit String
The field to differentiate between divisions within an organization.
stateProvince String
The province where the organization is located.
commonName string
The fully qualified domain name used for DNS lookups of the server.
country string
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
emailAddress string
The email address of the server's administrator.
locality string
The city in which the organization is located.
organization string
The organization name.
organizationalUnit string
The field to differentiate between divisions within an organization.
stateProvince string
The province where the organization is located.
common_name str
The fully qualified domain name used for DNS lookups of the server.
country str
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
email_address str
The email address of the server's administrator.
locality str
The city in which the organization is located.
organization str
The organization name.
organizational_unit str
The field to differentiate between divisions within an organization.
state_province str
The province where the organization is located.
commonName String
The fully qualified domain name used for DNS lookups of the server.
country String
ISO 3166-1 alpha-2 code of the country where the organization is located. For a list of codes, see ISO's website.
emailAddress String
The email address of the server's administrator.
locality String
The city in which the organization is located.
organization String
The organization name.
organizationalUnit String
The field to differentiate between divisions within an organization.
stateProvince String
The province where the organization is located.

Import

Import is not supported for this resource.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes
This Pulumi package is based on the oci Terraform Provider.
Oracle Cloud Infrastructure v2.30.0 published on Monday, Apr 14, 2025 by Pulumi
pulumi/pulumi-oci