【AWS CLI 示例集】Certificate Manager

Certificate Manager
2024.05.06

我们主要检查是否可以使用AWS Cloud9执行命令。
如果您想提供示例命令,请使用下面的表格提交。
如果列出的命令示例有任何错误,请在此处更正。

建议
建议内容可能会被修改。在提出任何建议之前请注意这一点。

将自我证书导入 ACM

aws acm import-certificate \
--certificate fileb://cert.pem \
--private-key fileb://privatekey.key \
--certificate-chain fileb://chain.pem

输出

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b92"
}

by anonymous

向私有 CA 请求证书

ca_arn="arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566"

aws acm request-certificate \
--domain-name www.example.com \
--certificate-authority-arn $ca_arn

输出

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b91"
}

by anonymous

请求公共证书

aws acm request-certificate \
--domain-name www.example.com \
--validation-method DNS

输出

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90"
}

by anonymous

查看证书列表

aws acm list-certificates \
--query 'CertificateSummaryList[*].[CertificateArn, DomainName] | map(&[], @)' \
--output text

输出

arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90        www.example.com
arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b91        www.example.com
arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b92        www.example.com

by anonymous

查看证书详细信息

aws acm describe-certificate \
--certificate-arn arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90

输出

{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90",
        "DomainName": "www.example.com",
        "SubjectAlternativeNames": [
            "www.example.com"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "www.example.com",
                "ValidationDomain": "www.example.com",
                "ValidationStatus": "FAILED",
                "ValidationMethod": "DNS"
            }
        ],
        "Subject": "CN=www.example.com",
        "Issuer": "Amazon",
        "CreatedAt": "2024-05-04T10:13:13.867000+00:00",
        "Status": "FAILED",
        "KeyAlgorithm": "RSA-2048",
        "SignatureAlgorithm": "SHA256WITHRSA",
        "InUseBy": [],
        "FailureReason": "ADDITIONAL_VERIFICATION_REQUIRED",
        "Type": "AMAZON_ISSUED",
        "KeyUsages": [],
        "ExtendedKeyUsages": [],
        "RenewalEligibility": "INELIGIBLE",
        "Options": {
            "CertificateTransparencyLoggingPreference": "ENABLED"
        }
    }
}

by anonymous

删除证书

aws acm delete-certificate \
--certificate-arn arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90

输出

None

by anonymous

タイトルとURLをコピーしました