Certificates cannot be issued from this CA. CRLs will not be generated.
The CA will not be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and will not be
used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
Deleted
Certificates cannot be issued from this CA. CRLs will not be generated.
The CA may still be recovered by calling
[CertificateAuthorityService.UndeleteCertificateAuthority][google.cloud.security.privateca.v1.CertificateAuthorityService.UndeleteCertificateAuthority] before
[expire_time][google.cloud.security.privateca.v1.CertificateAuthority.expire_time].
The CA will not be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and will not be
used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
Disabled
Certificates cannot be issued from this CA. CRLs will still be generated.
The CA will be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but will not be
used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
Enabled
Certificates can be issued from this CA. CRLs will be generated for this
CA. The CA will be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, and will be
used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
Staged
Certificates can be issued from this CA. CRLs will be generated for this
CA. The CA will be part of the [CaPool][google.cloud.security.privateca.v1.CaPool]'s trust anchor, but will not
be used to issue certificates from the [CaPool][google.cloud.security.privateca.v1.CaPool].
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["\u003cp\u003eThis webpage documents the \u003ccode\u003eState\u003c/code\u003e enum within the \u003ccode\u003eGoogle.Cloud.Security.PrivateCA.V1\u003c/code\u003e namespace, which is used to define the operational status of a Certificate Authority.\u003c/p\u003e\n"],["\u003cp\u003eThe latest documented version for this \u003ccode\u003eState\u003c/code\u003e enum is 3.9.0, and it has available documentation for versions going as far back as 1.0.0.\u003c/p\u003e\n"],["\u003cp\u003eThere are six possible states for a Certificate Authority (CA): \u003ccode\u003eAwaitingUserActivation\u003c/code\u003e, \u003ccode\u003eDeleted\u003c/code\u003e, \u003ccode\u003eDisabled\u003c/code\u003e, \u003ccode\u003eEnabled\u003c/code\u003e, \u003ccode\u003eStaged\u003c/code\u003e, and \u003ccode\u003eUnspecified\u003c/code\u003e, each dictating whether certificates can be issued and if the CA is included in the CaPool's trust anchor.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eEnabled\u003c/code\u003e state is the only one which allows for certificates to be issued and being used as part of the CaPool.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eDeleted\u003c/code\u003e state allows the CA to be recovered by using the \u003ccode\u003eCertificateAuthorityService.UndeleteCertificateAuthority\u003c/code\u003e prior to the expire time.\u003c/p\u003e\n"]]],[],null,[]]
