Querying the Certificate List by Tag_Certificate Tag Management_Managing SSL Certificates_API_API Reference

Function

Query the certificate list by tag.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.

If you are using identity policy-based authorization, the following identity policy-based permissions are required.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
scm:cert:listCertificatesByTag	List	cert *	-	-	-
scm:cert:listCertificatesByTag	List	-	g:EnterpriseProjectId g:RequestTag/<tag-key> g:TagKeys	-	-

URI

POST /v3/scm/{resource_instances}/action

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
resource_instances	Yes	String	Resource instance. The value is resource_instances. Minimum: 18 Maximum: 18

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token. Minimum: 32 Maximum: 2097152

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
without_any_tag	No	Boolean	If this parameter is set to true, all resources without tags are queried. In this case, the tags, tags_any, not_tags, and not_tags_any fields are not required. true false
tags	No	Array of ScsTag objects	The list of tags. The resources to be queried contain tags specified in this field. Each resource can contain a maximum of 20 keys. Each tag key can have a maximum of 20 tag values. The tag value corresponding to each tag key can be an empty array but the structure cannot be missing. Each key must be unique, and each value for a key must be unique. The response returns resources containing all the specified tags. Keys are in the AND relationship and values in each key-value structure are in the OR relationship. If this parameter is not specified, all resources will be returned. Array Length: 1 - 20
tags_any	No	Array of ScsTag objects	The list of tags. The instances to be queried contain any tag listed in tags_any. Each instance to be queried contains a maximum of 20 keys. Each tag key has a maximum of 20 tag values. The tag value corresponding to each tag key can be an empty array but the structure cannot be missing. Each key must be unique, and each value for a key must be unique. The response returns resources containing the tags in this list. Keys in this list are in an OR relationship and values in each key-value structure are also in an OR relationship. If no filtering condition is specified, full data is returned. Array Length: 1 - 20
not_tags	No	Array of ScsTag objects	The list of tags. The instances to be queried do not contain any tag listed in not_tags. Each instance to be queried contains a maximum of 20 keys. Each tag key has a maximum of 20 tag values. The tag value corresponding to each tag key can be an empty array but the structure cannot be missing. Keys must be unique and values of a key must be unique. The response returns instances containing no tag in this list. Keys are in the AND relationship and values in each key-value structure is in the OR relationship. If this parameter is not specified, all resources will be returned. Array Length: 1 - 20
not_tags_any	No	Array of ScsTag objects	The list of tags. The instances to be queried do not contain all tags listed in not_tags_any. Each instance to be queried contains a maximum of 20 keys. Each tag key has a maximum of 20 tag values. The tag value corresponding to each tag key can be an empty array but the structure cannot be missing. Each key must be unique, and each value for a key must be unique. The response returns resources containing no tag in this list. Keys in this list are in the OR relationship and values in each key-value structure are also in the OR relationship. If no tag filtering criteria is specified, full data is returned. Array Length: 1 - 20
limit	No	Integer	Number of certificate records on each page. The options are as follows: 10: 10 certificate records can be displayed on each page. 20: 20 certificate records can be displayed on each page. 50: 50 certificate records can be displayed on each page. Minimum: 10 Maximum: 50 Default: 10
offset	No	Integer	Specifies the offset. The query starts from the next piece of data indexed by this parameter. Minimum: 0 Default: 0
action	No	String	Operation type. Possible values are as follows: filter count: indicates the total number of records to be queried. Minimum: 5 Maximum: 6
matches	No	Array of ScsMatch objects	Search field. key indicates the field to be matched, for example, resource_name. value indicates the matched value. The key is a fixed dictionary value and cannot contain duplicate keys or unsupported keys. Array Length: 0 - 10

**Table 4** ScsTag
Parameter	Mandatory	Type	Description
key	No	String	Tag key. It can contain UTF-8 letters, digits, spaces, and the following characters: _ . : = + - @ Minimum: 1 Maximum: 128
values	No	Array of strings	Tag values. It can contain UTF-8 letters, digits, spaces, and the following special characters: _ . : = + - @ Minimum: 0 Maximum: 255 Array Length: 1 - 20

**Table 5** ScsMatch
Parameter	Mandatory	Type	Description
key	No	String	Tag key. It can contain UTF-8 letters, digits, spaces, and the following characters: _ . : = + - @ Minimum: 1 Maximum: 128
value	No	String	Tag value. It can contain UTF-8 letters, digits, spaces, and the following characters: _ . : / = + - @ Minimum: 0 Maximum: 255

Response Parameters

Status code: 200

**Table 6** Response body parameters
Parameter	Type	Description
total_count	Integer	Total number of records Minimum: 0 Maximum: 100
resources	Array of TagResource objects	Resource instance list. For details, see the data structure description of the TagResource field. Array Length: 0 - 100

**Table 7** TagResource
Parameter	Type	Description
resource_id	String	Whether the certificate can be unsubscribed. Minimum: 0 Maximum: 63
tags	Array of ScsResourceTag objects	Resource ID of the certificate. Array Length: 0 - 100
resource_name	String	Number of wildcard domain names. Minimum: 0 Maximum: 63
resource_detail	resource_detail object	Certificate resource details.

**Table 8** ScsResourceTag
Parameter	Type	Description
key	String	Tag key. Minimum: 0 Maximum: 128
value	String	Tag value. Minimum: 0 Maximum: 255

**Table 9** resource_detail
Parameter	Type	Description
cert_id	String	Certificate ID. Minimum: 16 Maximum: 16
cert_name	String	Certificate name. The value contains 3 to 63 characters. Minimum: 3 Maximum: 63
domain	String	Domain name bound to a certificate. If you purchase a single-domain or wildcard-domain certificate, enter a single domain name or wildcard domain name. If you purchase a multi-domain certificate, you need to select a domain name as the primary domain name. Example: www.example.com Minimum: 0 Maximum: 255
cert_type	String	Certificate type. OV_SSL_CERT: enterprise SSL certificate. EV_SSL_CERT: enhanced SSL certificate. Minimum: 0 Maximum: 32
cert_brand	String	Certificate authority. GLOBALSIGN Minimum: 0 Maximum: 32
domain_type	String	Zone type. SINGLE_DOMAIN: single domain name. MULTI_DOMAIN: multi-domain name type. WILDCARD: wildcard domain name. Minimum: 0 Maximum: 32
purchase_period	Integer	Certificate validity period, in years. Minimum: 0 Maximum: 1000
expired_time	String	Certificate expiration time, which is a timestamp in milliseconds. Minimum: 0 Maximum: 32
order_status	String	Order status. Minimum: 0 Maximum: 32
domain_num	Integer	Number of domain names. If domain_type is set to SINGLE_DOMAIN or WILDCARD, the value is 1. If domain_type is set to MULTI_DOMAIN, the value ranges from 2 to 250. Minimum: 1 Maximum: 250
wildcard_number	Integer	Specifies the list of queried tags. If no tag is matched, an empty array is returned. Minimum: 1 Maximum: 100
sans	String	Resource name. This parameter is an empty string by default. Minimum: 0 Maximum: 4096
cert_des	String	Certificate description. Minimum: 0 Maximum: 32
signature_algorithm	String	Additional domain name associated with the certificate Minimum: 0 Maximum: 32
fail_reason	String	Failure cause. Minimum: 0 Maximum: 255
partner_order_id	String	Sequence number of an order. Minimum: 0 Maximum: 63
push_support	Boolean	Whether a certificate can be pushed.
cert_issued_time	String	Time when a certificate is issued, in milliseconds. Minimum: 0 Maximum: 32
resource_id	String	Resource ID. Minimum: 0 Maximum: 63
unsubscribe_support	Boolean	Signature algorithm
enterprise_project_id	String	Enterprise project ID. The default value is 0. For users who have enabled the enterprise project function, this value indicates that resources are in the default enterprise project. For users who have not enabled the enterprise project function, this value indicates that resources are not in the default enterprise project. Minimum: 0 Maximum: 36
origin_cert_id	String	Initial certificate ID. Minimum: 0 Maximum: 63
renewal_cert_id	String	ID of the certificate to be renewed. Minimum: 0 Maximum: 63
auto_renew_status	Integer	Auto-renewal status. Minimum: 0 Maximum: 100
remain_cert_number	Integer	Number of remaining valid certificates. Minimum: 0 Maximum: 100
auto_deploy_support	Boolean	Whether the certificate supports automatic deployment.

Status code: 401

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code returned for an error request. Minimum: 3 Maximum: 36
error_msg	String	Error information returned for an error request. Minimum: 0 Maximum: 1024

Status code: 403

**Table 11** Response body parameters
Parameter	Type	Description
error_code	String	Error code returned for an error request. Minimum: 3 Maximum: 36
error_msg	String	Error information returned for an error request. Minimum: 0 Maximum: 1024

Status code: 500

**Table 12** Response body parameters
Parameter	Type	Description
error_code	String	Error code returned for an error request. Minimum: 3 Maximum: 36
error_msg	String	Error information returned for an error request. Minimum: 0 Maximum: 1024

Example Requests

{
  "action" : "filter",
  "tags" : [ {
    "key" : "key1",
    "values" : [ "value1", "value2" ]
  } ]
}

Example Responses

Status code: 200

Normal response.

{
  "total_count" : 1,
  "resources" : [ {
    "resource_id" : "scs1664525717891"
  }, {
    "resource_detail" : [ {
      "cert_id" : "scs1664525717891",
      "cert_name" : "scm-e409cb",
      "auto_deploy_support" : false,
      "auto_renew_status" : 0,
      "cert_brand" : "CFCA",
      "cert_des" : null,
      "cert_issued_time" : 1664528641000,
      "cert_type" : "OV_SSL_CERT",
      "domain" : "www.cfca.com",
      "domain_num" : 6,
      "domain_type" : "MULTI_DOMAIN",
      "enterprise_project_id" : "7c0b1c33-491f-4b87-914a-bb708815b51a",
      "expired_time" : 1696064641000,
      "fail_reason" : null,
      "order_status" : "ISSUED",
      "origin_cert_id" : null,
      "partner_order_id" : "TA1664528570549_0573",
      "purchase_period" : 1,
      "push_support" : false,
      "remain_cert_number" : 0,
      "renewal_cert_id" : null,
      "resource_id" : null,
      "sans" : "www.test.com;*.test1.com;*.test2.com;www.test3.com;www.test4.com",
      "signature_algorithm" : null,
      "unsubscribe_support" : false,
      "wildcard_number" : 2
    } ]
  }, {
    "tags" : [ {
      "key" : "key1",
      "value" : "value1"
    } ]
  }, {
    "resource_name" : "scm-e409cb"
  } ]
}

Status code: 401

Authentication failed.

{
  "error_code" : "SCM.XXX",
  "error_msg" : "XXX"
}

Status code: 403

Access denied.

{
  "error_code" : "SCM.XXX",
  "error_msg" : "XXX"
}

Status code: 500

Failed to complete the request because of an internal server error.

{
  "error_code" : "SCM.XXX",
  "error_msg" : "XXX"
}

SDK Sample Code

The SDK sample code is as follows.

Java

    
     
       
       
         package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.GlobalCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.scm.v3.region.ScmRegion;
import com.huaweicloud.sdk.scm.v3.*;
import com.huaweicloud.sdk.scm.v3.model.*;

import java.util.List;
import java.util.ArrayList;

public class ListCertificatesByTagSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new GlobalCredentials()
                .withAk(ak)
                .withSk(sk);

        ScmClient client = ScmClient.newBuilder()
                .withCredential(auth)
                .withRegion(ScmRegion.valueOf("<YOUR REGION>"))
                .build();
        ListCertificatesByTagRequest request = new ListCertificatesByTagRequest();
        request.withResourceInstances("{resource_instances}");
        ListCertificatesByTagRequestBody body = new ListCertificatesByTagRequestBody();
        List<String> listTagsValues = new ArrayList<>();
        listTagsValues.add("value1");
        listTagsValues.add("value2");
        List<ScsTag> listbodyTags = new ArrayList<>();
        listbodyTags.add(
            new ScsTag()
                .withKey("key1")
                .withValues(listTagsValues)
        );
        body.withAction("filter");
        body.withTags(listbodyTags);
        request.withBody(body);
        try {
            ListCertificatesByTagResponse response = client.listCertificatesByTag(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

        

      

    
   

Python

    
     
       
       
         # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import GlobalCredentials
from huaweicloudsdkscm.v3.region.scm_region import ScmRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkscm.v3 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]

    credentials = GlobalCredentials(ak, sk)

    client = ScmClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(ScmRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListCertificatesByTagRequest()
        request.resource_instances = "{resource_instances}"
        listValuesTags = [
            "value1",
            "value2"
        ]
        listTagsbody = [
            ScsTag(
                key="key1",
                values=listValuesTags
            )
        ]
        request.body = ListCertificatesByTagRequestBody(
            action="filter",
            tags=listTagsbody
        )
        response = client.list_certificates_by_tag(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

        

      

    
   

Go

    
     
       
       
         package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/global"
    scm "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/scm/v3/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := global.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := scm.NewScmClient(
        scm.ScmClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListCertificatesByTagRequest{}
	request.ResourceInstances = "{resource_instances}"
	var listValuesTags = []string{
        "value1",
	    "value2",
    }
	keyTags:= "key1"
	var listTagsbody = []model.ScsTag{
        {
            Key: &keyTags,
            Values: &listValuesTags,
        },
    }
	actionListCertificatesByTagRequestBody:= "filter"
	request.Body = &model.ListCertificatesByTagRequestBody{
		Action: &actionListCertificatesByTagRequestBody,
		Tags: &listTagsbody,
	}
	response, err := client.ListCertificatesByTag(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

        

      

    
   

More

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code	Description
200	Normal response.
401	Authentication failed.
403	Access denied.
404	Access page not found.
500	Failed to complete the request because of an internal server error.

Error Codes

See Error Codes.

Querying the Certificate List by Tag