【AWS CLI サンプル集】Certificate Manager

Certificate Manager
2024.05.06

コマンドの実行可否は、主に AWS Cloud9 で確認しています。
コマンド例を提供してくださる方は、お問い合わせフォームから送信してください。
記載されているコマンド例の修正もこちらからご連絡ください。

自己証明書を ACM にインポート

aws acm import-certificate \
--certificate fileb://cert.pem \
--private-key fileb://privatekey.key \
--certificate-chain fileb://chain.pem

出力

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b92"
}

by anonymous

Private CA から証明書をリクエスト

ca_arn="arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566"

aws acm request-certificate \
--domain-name www.example.com \
--certificate-authority-arn $ca_arn

出力

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b91"
}

by anonymous

パブリック証明書をリクエスト

aws acm request-certificate \
--domain-name www.example.com \
--validation-method DNS

出力

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90"
}

by anonymous

証明書の一覧を表示

aws acm list-certificates \
--query 'CertificateSummaryList[*].[CertificateArn, DomainName] | map(&[], @)' \
--output text

出力

arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90        www.example.com
arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b91        www.example.com
arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b92        www.example.com

by anonymous

証明書の詳細を表示

aws acm describe-certificate \
--certificate-arn arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90

出力

{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90",
        "DomainName": "www.example.com",
        "SubjectAlternativeNames": [
            "www.example.com"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "www.example.com",
                "ValidationDomain": "www.example.com",
                "ValidationStatus": "FAILED",
                "ValidationMethod": "DNS"
            }
        ],
        "Subject": "CN=www.example.com",
        "Issuer": "Amazon",
        "CreatedAt": "2024-05-04T10:13:13.867000+00:00",
        "Status": "FAILED",
        "KeyAlgorithm": "RSA-2048",
        "SignatureAlgorithm": "SHA256WITHRSA",
        "InUseBy": [],
        "FailureReason": "ADDITIONAL_VERIFICATION_REQUIRED",
        "Type": "AMAZON_ISSUED",
        "KeyUsages": [],
        "ExtendedKeyUsages": [],
        "RenewalEligibility": "INELIGIBLE",
        "Options": {
            "CertificateTransparencyLoggingPreference": "ENABLED"
        }
    }
}

by anonymous

証明書を削除

aws acm delete-certificate \
--certificate-arn arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90

出力

None

by anonymous

タイトルとURLをコピーしました