# This is an automatically generated code sample.
# To make this code sample work in your Oracle Cloud tenancy,
# please replace the values for any parameters whose current values do not fit
# your use case (such as resource IDs, strings containing ‘EXAMPLE’ or ‘unique_id’, and
# boolean, number, and enum parameters with values not fitting your use case).
from datetime import datetime
import oci
# Create a default config using DEFAULT profile in default location
# Refer to
# https://docs.cloud.oracle.com/en-us/iaas/Content/API/Concepts/sdkconfig.htm#SDK_and_CLI_Configuration_File
# for more info
config = oci.config.from_file()
# Initialize service client with default config file
certificates_management_client = oci.certificates_management.CertificatesManagementClient(
config)
# Send the request to service, some parameters are not required, see API
# doc for more info
create_certificate_authority_response = certificates_management_client.create_certificate_authority(
create_certificate_authority_details=oci.certificates_management.models.CreateCertificateAuthorityDetails(
name="EXAMPLE-name-Value",
compartment_id="ocid1.test.oc1..<unique_ID>EXAMPLE-compartmentId-Value",
certificate_authority_config=oci.certificates_management.models.CreateRootCaByGeneratingInternallyConfigDetails(
config_type="ROOT_CA_GENERATED_INTERNALLY",
subject=oci.certificates_management.models.CertificateSubject(
common_name="EXAMPLE-commonName-Value",
country="EXAMPLE-country-Value",
domain_component="EXAMPLE-domainComponent-Value",
distinguished_name_qualifier="EXAMPLE-distinguishedNameQualifier-Value",
generation_qualifier="EXAMPLE-generationQualifier-Value",
given_name="EXAMPLE-givenName-Value",
initials="EXAMPLE-initials-Value",
locality_name="EXAMPLE-localityName-Value",
organization="EXAMPLE-organization-Value",
organizational_unit="EXAMPLE-organizationalUnit-Value",
pseudonym="EXAMPLE-pseudonym-Value",
serial_number="EXAMPLE-serialNumber-Value",
state_or_province_name="EXAMPLE-stateOrProvinceName-Value",
street="EXAMPLE-street-Value",
surname="EXAMPLE-surname-Value",
title="EXAMPLE-title-Value",
user_id="ocid1.test.oc1..<unique_ID>EXAMPLE-userId-Value"),
version_name="EXAMPLE-versionName-Value",
validity=oci.certificates_management.models.Validity(
time_of_validity_not_after=datetime.strptime(
"2026-03-14T03:32:16.144Z",
"%Y-%m-%dT%H:%M:%S.%fZ"),
time_of_validity_not_before=datetime.strptime(
"2026-12-02T11:05:33.949Z",
"%Y-%m-%dT%H:%M:%S.%fZ")),
signing_algorithm="SHA256_WITH_RSA"),
kms_key_id="ocid1.test.oc1..<unique_ID>EXAMPLE-kmsKeyId-Value",
description="EXAMPLE-description-Value",
certificate_authority_rules=[
oci.certificates_management.models.CertificateAuthorityIssuanceExpiryRule(
rule_type="CERTIFICATE_AUTHORITY_ISSUANCE_EXPIRY_RULE",
leaf_certificate_max_validity_duration="EXAMPLE-leafCertificateMaxValidityDuration-Value",
certificate_authority_max_validity_duration="EXAMPLE-certificateAuthorityMaxValidityDuration-Value")],
certificate_revocation_list_details=oci.certificates_management.models.CertificateRevocationListDetails(
object_storage_config=oci.certificates_management.models.ObjectStorageBucketConfigDetails(
object_storage_bucket_name="EXAMPLE-objectStorageBucketName-Value",
object_storage_object_name_format="EXAMPLE-objectStorageObjectNameFormat-Value",
object_storage_namespace="EXAMPLE-objectStorageNamespace-Value"),
custom_formatted_urls=["EXAMPLE--Value"]),
freeform_tags={
'EXAMPLE_KEY_qk5EQ': 'EXAMPLE_VALUE_kYwESmGaUueQOQYjkQ1T'},
defined_tags={
'EXAMPLE_KEY_sgzbA': {
'EXAMPLE_KEY_5ntyB': 'EXAMPLE--Value'}}),
opc_request_id="DBXGOJRPTZEOPRSVFYO9<unique_ID>",
opc_retry_token="EXAMPLE-opcRetryToken-Value")
# Get the data from response
print(create_certificate_authority_response.data)