1// Copyright 2019 Istio Authors. All Rights Reserved. 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.security.meshca.v1; 18 19import "google/protobuf/duration.proto"; 20 21// Certificate request message. 22message MeshCertificateRequest { 23 // The request ID must be a valid UUID with the exception that zero UUID is 24 // not supported (00000000-0000-0000-0000-000000000000). 25 string request_id = 1; 26 // PEM-encoded certificate request. 27 string csr = 2; 28 // Optional: requested certificate validity period. 29 google.protobuf.Duration validity = 3; 30 // Reserved 4 31} 32 33// Certificate response message. 34message MeshCertificateResponse { 35 // PEM-encoded certificate chain. 36 // Leaf cert is element '0'. Root cert is element 'n'. 37 repeated string cert_chain = 1; 38} 39 40// Service for managing certificates issued by the CSM CA. 41service MeshCertificateService { 42 // Using provided CSR, returns a signed certificate that represents a GCP 43 // service account identity. 44 rpc CreateCertificate(MeshCertificateRequest) 45 returns (MeshCertificateResponse) { 46 } 47} 48