gcloud privateca pools get-ca-certs - get the root CA certs for all active CAs in the CA pool
gcloud privateca pools get-ca-certs (CA_POOL : --location=LOCATION) --output-file=OUTPUT_FILE [GCLOUD_WIDE_FLAG ...]
To get the root CA certs for all active CAs in the CA pool:
$ gcloud privateca pools get-ca-certs my-pool \ --output-file=ca-certificates.pem --location=us-west1
- CA POOL resource - The ca pool whose CA certificates should be fetched. The
arguments in this group can be used to specify the attributes of this resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways. To set the project attribute:
- —
provide the argument CA_POOL on the command line with a fully specified name;
- —
provide the argument --project on the command line;
- —
set the property core/project.
This must be specified.
- CA_POOL
ID of the CA_POOL or fully qualified identifier for the CA_POOL. To set the pool attribute:
provide the argument CA_POOL on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
- --location=LOCATION
The location of the CA_POOL. To set the location attribute:
provide the argument CA_POOL on the command line with a fully specified name;
provide the argument --location on the command line;
set the property privateca/location.
- --output-file=OUTPUT_FILE
The path where the concatenated PEM certificates will be written. This will include the root CA certificate for each active CA in the CA pool.
These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.