syntax = "proto3"; package envoy.admin.v3; import "google/protobuf/timestamp.proto"; import "udpa/annotations/status.proto"; import "udpa/annotations/versioning.proto"; option java_package = "io.envoyproxy.envoy.admin.v3"; option java_outer_classname = "CertsProto"; option java_multiple_files = true; option (udpa.annotations.file_status).package_version_status = ACTIVE; // [#protodoc-title: Certificates] // Proto representation of certificate details. Admin endpoint uses this wrapper for `/certs` to // display certificate information. See :ref:`/certs ` for more // information. message Certificates { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificates"; // List of certificates known to an Envoy. repeated Certificate certificates = 1; } message Certificate { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.Certificate"; // Details of CA certificate. repeated CertificateDetails ca_cert = 1; // Details of Certificate Chain repeated CertificateDetails cert_chain = 2; } // [#next-free-field: 8] message CertificateDetails { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.CertificateDetails"; message OcspDetails { // Indicates the time from which the OCSP response is valid. google.protobuf.Timestamp valid_from = 1; // Indicates the time at which the OCSP response expires. google.protobuf.Timestamp expiration = 2; } // Path of the certificate. string path = 1; // Certificate Serial Number. string serial_number = 2; // List of Subject Alternate names. repeated SubjectAlternateName subject_alt_names = 3; // Minimum of days until expiration of certificate and it's chain. uint64 days_until_expiration = 4; // Indicates the time from which the certificate is valid. google.protobuf.Timestamp valid_from = 5; // Indicates the time at which the certificate expires. google.protobuf.Timestamp expiration_time = 6; // Details related to the OCSP response associated with this certificate, if any. OcspDetails ocsp_details = 7; } message SubjectAlternateName { option (udpa.annotations.versioning).previous_message_type = "envoy.admin.v2alpha.SubjectAlternateName"; // Subject Alternate Name. oneof name { string dns = 1; string uri = 2; string ip_address = 3; } }