Help Center/ Cloud Container Engine/ API Reference/ Out-of-Date APIs/ Cluster Management/ Obtaining a Cluster Certificate (Discarded)
Updated on 2026-01-08 GMT+08:00
View PDF
Share

Obtaining a Cluster Certificate (Discarded)

Function

This API is used to obtain certificates of a specified cluster. This API has been discarded. Use this API to obtain the cluster certificate instead.

Calling Method

For details, see Calling APIs.

Authorization

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

  • If you are using role/policy-based authorization, see the required permissions in Permissions Policies and Supported Actions.
  • If you are using identity policy-based authorization, the permission listed below is required.

    Action

    Access Level

    Resource Type (*: required)

    Condition Key

    Alias

    Dependencies

    cce:cluster:generateClientCredential

    Read

    cluster *

    • g:EnterpriseProjectId

    • g:ResourceTag/<tag-key>
    • cce:cluster:get

    -

URI

GET /api/v3/projects/{project_id}/clusters/{cluster_id}/clustercert

Table 1 URI parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For details about how to obtain a project ID, see How to Obtain Parameters in the API URI.

cluster_id

Yes

String

Cluster ID. For details about how to obtain a cluster ID, see How to Obtain Parameters in the API URI.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

Content-Type

Yes

String

The request body type or format

Possible values:

  • application/json;charset=utf-8
  • application/json

X-Auth-Token

Yes

String

Requests for calling an API can be authenticated using either a token or AK/SK. If token-based authentication is used, this parameter is mandatory and must be set to a user token. For details about how to obtain a token, see Authentication.

Maximum length: 16,384 characters

Response Parameters

Status code: 200

Table 3 Response body parameters

Parameter

Type

Description

kind

String

API type. The value is fixed at Config and cannot be changed.

Default value: Config

apiVersion

String

API version. The value is fixed at v1.

preferences

String

This field is not used currently and is left unspecified by default.

clusters

Array of Clusters objects

Cluster list.

users

Array of Users objects

Stores the certificate information and client key information of a specified user.

contexts

Array of Contexts objects

Context list.

current-context

String

Current context. If publicIp (elastic IP address of the VM) exists, the value is external. If publicIp does not exist, the value is internal.
Table 4 Clusters

Parameter

Type

Description

name

String

Cluster name.

  • If the publicIp parameter does not exist (that is, no EIP exists), there is only one cluster in the cluster list, and the value of this parameter is internalCluster.
  • If the publicIp parameter exists (that is, the EIP exists), there are at least two clusters in the cluster list, and the value of this parameter is externalCluster.

cluster

ClusterCert object

Cluster information.
Table 5 ClusterCert

Parameter

Type

Description

server

String

Server IP address.

certificate-authority-data

String

Certificate authorization data.

insecure-skip-tls-verify

Boolean

Whether to skip the server certificate verification. If the cluster type is externalCluster, the value is true.
Table 6 Users

Parameter

Type

Description

name

String

The value is fixed to user.

user

User object

Stores the certificate information and client key information of a specified user.
Table 7 User

Parameter

Type

Description

client-certificate-data

String

Client certificate.

client-key-data

String

PEM encoding data from the TLS client key file.
Table 8 Contexts

Parameter

Type

Description

name

String

Context name.

  • If the publicIp parameter does not exist (that is, no EIP exists), there is only one cluster in the cluster list, and the value of this parameter is internal.
  • If the publicIp parameter exists (that is, the EIP exists), there are at least two clusters in the cluster list, and the value of this parameter is external.

context

Context object

Context information.
Table 9 Context

Parameter

Type

Description

cluster

String

Cluster context.

user

String

User context.

Example Requests

None

Example Responses

Status code: 200

Certificates of the specified cluster are successfully obtained. For details about the certificate file format, see the Kubernetes v1.Config structure.

{
  "kind" : "Config",
  "apiVersion" : "v1",
  "preferences" : { },
  "clusters" : [ {
    "name" : "internalCluster",
    "cluster" : {
      "server" : "https://192.168.1.7:5443",
      "certificate-authority-data" : "Q2VydGlmaWN******kQgQ0VSVElGSUNBVEUtLS0tLQo="
    }
  } ],
  "users" : [ {
    "name" : "user",
    "user" : {
      "client-certificate-data" : "LS0tLS1CRUdJTi******RklDQVRFLS0tLS0K",
      "client-key-data" : "LS0tLS1CRUdJTiBSU******BLRVktLS0tLQo="
    }
  } ],
  "contexts" : [ {
    "name" : "internal",
    "context" : {
      "cluster" : "internalCluster",
      "user" : "user"
    }
  } ],
  "current-context" : "internal"
}

Status Codes

Status Code

Description

200

Certificates of the specified cluster are successfully obtained. For details about the certificate file format, see the Kubernetes v1.Config structure.

Error Codes

See Error Codes.

Parent Topic: Cluster Management