DescribePcaAndExternalCACertificateList - Certificate Management Service

Returns all your certification authority (CA) certificates. These include certificates generated by Private CA and imported external certificates.

Note

This API has been deprecated. We recommend migrating to cas(2020-06-30) - ListAllEndEntityInstance for enhanced functionality and continued support. While the deprecated API remains temporarily accessible, no further updates or bug fixes will be provided.

Operation description

Performs a paged query to retrieve details for all your CA certificates, including root and subordinate CA certificates. Details include the unique identifier, serial number, subject information, and certificate content.

QPS limit

The queries per second (QPS) limit for a single user is 10 calls per second. API calls that exceed this limit are throttled. This can affect your business. Call this operation at a reasonable rate.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter	Type	Required	Description	Example
CurrentPage	integer	No	The current page number.	1
ShowSize	integer	No	The number of records to display on each page. The default value is 50.	50

Response elements

Element	Type	Description	Example
	object
CurrentPage	integer	The current page number.	1
RequestId	string	The ID of the request.	CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D
TotalCount	integer	The total number of records.	10
PageCount	integer	The number of entries in the list.	1
ShowSize	integer	The number of records to display on each page. The default value is 50.	10
CertificateList	array<object>	The list of certificates.
	object	The list of certificates.
Years	integer	The validity period of the certificate in years.	3
Status	string	The status of the certificate. Valid values: -payed: The certificate is paid. -checking: The certificate is under review. -issued: The certificate is issued. -revoked: The certificate is revoked. -checked_fail: The review failed.	ISSUE
SerialNumber	string	The serial number of the certificate.	62b2b943a32d96883a6650e672ea0276****
CertificateType	string	The type of the certificate.	SUB_ROOT
Algorithm	string	The algorithm.	RSA
State	string	The status of the certificate. The possible values are: - success: The certificate is active. - checking: The system is checking whether the domain name is added to Global Accelerator. - cname_error: The CNAME record of the domain name does not point to the Global Accelerator instance. - domain_invalid: The domain name contains invalid characters. - unsupport_wildcard: Wildcard domain names are not supported.	Zhejiang
Organization	string	The organization.	阿里云计算有限公司
ParentIdentifier	string	The ID of the parent certificate.	1a83bcbb89e562885e40aa0108f5****
Locality	string	The primary domain name that the certificate is attached to.	Hangzhou
Identifier	string	The ID of the certificate.	05e148d8d3ecc9976d9ecd2b2f25****
Sans	string	All domain names bound to the certificate.	[ {"Type": 7, "Value": "192.0.XX.XX"}, {"Type": 2, "Value": "www.aliyundoc.com"}, ]
KeySize	integer	The size of the certificate key. Unit: bits.	2048
X509Certificate	string	The X.509 certificate.	-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----
SubjectDN	string	The subject (owner) of the certificate, in Distinguished Name (DN) format.	C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun
SignAlgorithm	string	The signature algorithm of the certificate.	SHA256WITHRSA
OrganizationUnit	string	The certification authority.	Security
AfterDate	integer	The expiration date of the certificate.	2022-08-23T16:15Z
Sha2	string	The primary domain name with the attached certificate.	14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****
CommonName	string	The primary domain name bound to the certificate.	aliyun.com
Md5	string	The MD5 hash of the certificate.	05e148d8d3ecc9976d9ecd2b2f25****
CountryCode	string	The country code.	CN
BeforeDate	integer	The issuance date of the certificate.	2021-01-01T00:00Z

Examples

Success response

JSON format

{
  "CurrentPage": 1,
  "RequestId": "CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D",
  "TotalCount": 10,
  "PageCount": 1,
  "ShowSize": 10,
  "CertificateList": [
    {
      "Years": 3,
      "Status": "ISSUE",
      "SerialNumber": "62b2b943a32d96883a6650e672ea0276****",
      "CertificateType": "SUB_ROOT",
      "Algorithm": "RSA",
      "State": "Zhejiang",
      "Organization": "阿里云计算有限公司",
      "ParentIdentifier": "1a83bcbb89e562885e40aa0108f5****",
      "Locality": "Hangzhou",
      "Identifier": "05e148d8d3ecc9976d9ecd2b2f25****",
      "Sans": "[ {\"Type\": 7, \"Value\": \"192.0.XX.XX\"}, {\"Type\": 2, \"Value\": \"www.aliyundoc.com\"}, ]",
      "KeySize": 2048,
      "X509Certificate": "-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----",
      "SubjectDN": "C=CN,O=阿里云计算有限公司,OU=Security,L=Hangzhou,ST=Zhejiang,CN=Aliyun",
      "SignAlgorithm": "SHA256WITHRSA",
      "OrganizationUnit": "Security",
      "AfterDate": 0,
      "Sha2": "14dcc8afc7578e1fcec36d658f7e20de18f6957bbac42b373a66bc9de4e9****",
      "CommonName": "aliyun.com",
      "Md5": "05e148d8d3ecc9976d9ecd2b2f25****",
      "CountryCode": "CN",
      "BeforeDate": 0
    }
  ]
}

Error codes

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.