X.509 certificate resource
certificate MQL resource for querying Network infrastructure with cnquery and cnspec.
Network
X.509 certificate resource
Use MQL in cnspec shell or policy:
certificateMin version: 5.15.0Defaults:
serial subject.commonName subject.dnRelationships
4 resources · 5 relationships·Click to select, expand fields to see properties.
Fields (25)
| Field | Type | Description |
|---|---|---|
authorityKeyID | string | Authority key identifier |
crlDistributionPoints | []string | CRL distribution points |
expiresIn | time | Expiration duration |
extendedKeyUsage | []string | Extended key usage |
extensions | []pkix.extension | Extensions |
fingerprints | map[string]string | Certificate fingerprints |
isCA | int | Whether the certificate is from a certificate authority |
isRevoked | int | Whether this certificate has been revoked |
issuer | pkix.name | Issuer |
issuingCertificateUrl | []string | Issuing certificate URL |
isVerified | int | Whether the certificate is valid (based on its chain) |
keyUsage | []string | Key usage |
notAfter | time | Validity period not after |
notBefore | time | Validity period validity period |
ocspServer | []string | OCSP |
pemrequired | string | PEM content |
policyIdentifier | []string | Policy identifier |
revokedAt | time | The time at which this certificate was revoked |
sanExtension | pkix.sanExtension | SAN extension value params |
serial | string | Serial number |
signature | string | Signature |
signingAlgorithm | string | Signature algorithm ID |
subject | pkix.name | Subject |
subjectKeyID | string | Subject unique identifier |
version | int | Version number |