Reference documentation and code samples for the Certificate Authority v1 API enum SubjectRequestMode.
Describes the way in which a
[Certificate][google.cloud.security.privateca.v1.Certificate]'s
[Subject][google.cloud.security.privateca.v1.Subject] and/or
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] will be
resolved.
The default mode used in most cases. Indicates that the certificate's
[Subject][google.cloud.security.privateca.v1.Subject] and/or
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] are
specified in the certificate request. This mode requires the caller to have
the privateca.certificates.create permission.
ReflectedSpiffe
A mode reserved for special cases. Indicates that the certificate should
have one SPIFFE
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] set
by the service based on the caller's identity. This mode will ignore any
explicitly specified [Subject][google.cloud.security.privateca.v1.Subject]
and/or
[SubjectAltNames][google.cloud.security.privateca.v1.SubjectAltNames] in
the certificate request. This mode requires the caller to have the
privateca.certificates.createForSelf permission.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["\u003cp\u003eThis page provides reference documentation for the \u003ccode\u003eSubjectRequestMode\u003c/code\u003e enum within the Google Cloud Security PrivateCA V1 API, with the latest version being 3.9.0.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eSubjectRequestMode\u003c/code\u003e enum determines how a certificate's Subject and SubjectAltNames are resolved.\u003c/p\u003e\n"],["\u003cp\u003eThere are three fields available for the \u003ccode\u003eSubjectRequestMode\u003c/code\u003e enum which are: \u003ccode\u003eDefault\u003c/code\u003e, \u003ccode\u003eReflectedSpiffe\u003c/code\u003e, and \u003ccode\u003eUnspecified\u003c/code\u003e, each serving different use cases and permissions.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eDefault\u003c/code\u003e mode requires \u003ccode\u003eprivateca.certificates.create\u003c/code\u003e permission and has the Subject and SubjectAltNames specified in the certificate request, while \u003ccode\u003eReflectedSpiffe\u003c/code\u003e requires \u003ccode\u003eprivateca.certificates.createForSelf\u003c/code\u003e and uses the caller's identity to set the SubjectAltNames, ignoring any explicit specification.\u003c/p\u003e\n"],["\u003cp\u003eThis page also provides links to reference documentation for prior versions, going as far back as 1.0.0.\u003c/p\u003e\n"]]],[],null,[]]
