There are more AWS SDK examples available in the AWS Doc SDK Examples
Use RequestCertificate
with an AWS SDK or CLI
The following code examples show how to use RequestCertificate
.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
- C++
-
- SDK for C++
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository
. //! Request an AWS Certificate Manager (ACM) certificate. /*! \param domainName: A fully qualified domain name. \param idempotencyToken: Customer chosen string for idempotency. \param clientConfiguration: AWS client configuration. \return bool: Function succeeded. */ bool AwsDoc::ACM::requestCertificate(const Aws::String &domainName, const Aws::String &idempotencyToken, const Aws::Client::ClientConfiguration &clientConfiguration) { Aws::ACM::ACMClient acmClient(clientConfiguration); Aws::ACM::Model::RequestCertificateRequest request; request.WithDomainName(domainName) .WithIdempotencyToken(idempotencyToken); Aws::ACM::Model::RequestCertificateOutcome outcome = acmClient.RequestCertificate(request); if (!outcome.IsSuccess()) { std::cerr << "RequestCertificate error: " << outcome.GetError().GetMessage() << std::endl; return false; } else { std::cout << "Success: The newly requested certificate's " "ARN is '" << outcome.GetResult().GetCertificateArn() << "'." << std::endl; return true; } }
-
For API details, see RequestCertificate in AWS SDK for C++ API Reference.
-
- CLI
-
- AWS CLI
-
To request a new ACM certificate
The following
request-certificate
command requests a new certificate for the www.example.com domain using DNS validation:aws acm request-certificate --domain-name www.example.com --validation-method DNS
You can enter an idempotency token to distinguish between calls to
request-certificate
:aws acm request-certificate --domain-name www.example.com --validation-method DNS --idempotency-token 91adc45q
You can enter one or more subject alternative names to request a certificate that will protect more than one apex domain:
aws acm request-certificate --domain-name example.com --validation-method DNS --idempotency-token 91adc45q --subject-alternative-names www.example.net
You can enter an alternative name that can also be used to reach your website:
aws acm request-certificate --domain-name example.com --validation-method DNS --idempotency-token 91adc45q --subject-alternative-names www.example.com
You can use an asterisk (*) as a wildcard to create a certificate for several subdomains in the same domain:
aws acm request-certificate --domain-name example.com --validation-method DNS --idempotency-token 91adc45q --subject-alternative-names *.example.com
You can also enter multiple alternative names:
aws acm request-certificate --domain-name example.com --validation-method DNS --subject-alternative-names b.example.com c.example.com d.example.com
If you are using email for validation, you can enter domain validation options to specify the domain to which the validation email will be sent:
aws acm request-certificate --domain-name example.com --validation-method EMAIL --subject-alternative-names www.example.com --domain-validation-options DomainName=example.com,ValidationDomain=example.com
The following command opts out of certificate transparency logging when you request a new certificate:
aws acm request-certificate --domain-name www.example.com --validation-method DNS --options CertificateTransparencyLoggingPreference=DISABLED --idempotency-token 184627
-
For API details, see RequestCertificate
in AWS CLI Command Reference.
-
- PowerShell
-
- Tools for PowerShell
-
Example 1: Creates a new certificate. The service returns the ARN of the new certificate.
New-ACMCertificate -DomainName "www.example.com"
Output:
arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012
Example 2: Creates a new certificate. The service returns the ARN of the new certificate.
New-ACMCertificate -DomainName "www.example.com" -SubjectAlternativeName "example.com","www.example.net"
Output:
arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012
-
For API details, see RequestCertificate in AWS Tools for PowerShell Cmdlet Reference.
-
- Python
-
- SDK for Python (Boto3)
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository
. class AcmCertificate: """ Encapsulates ACM functions. """ def __init__(self, acm_client): """ :param acm_client: A Boto3 ACM client. """ self.acm_client = acm_client def request_validation( self, domain, alternate_domains, method, validation_domains=None ): """ Starts a validation request that results in a new certificate being issued by ACM. DNS validation requires that you add CNAME records to your DNS provider. Email validation sends email to a list of email addresses that are associated with the domain. For more information, see _Issuing and managing certificates_ in the ACM user guide. https://docs.aws.amazon.com/acm/latest/userguide/gs.html :param domain: The primary domain to associate with the certificate. :param alternate_domains: Subject Alternate Names (SANs) for the certificate. :param method: The validation method, either DNS or EMAIL. :param validation_domains: Alternate domains to use for email validation, when the email domain differs from the primary domain of the certificate. :return: The ARN of the requested certificate. """ try: kwargs = { "DomainName": domain, "ValidationMethod": method, "SubjectAlternativeNames": alternate_domains, } if validation_domains is not None: kwargs["DomainValidationOptions"] = [ {"DomainName": key, "ValidationDomain": value} for key, value in validation_domains.items() ] response = self.acm_client.request_certificate(**kwargs) certificate_arn = response["CertificateArn"] logger.info( "Requested %s validation for domain %s. Certificate ARN is %s.", method, domain, certificate_arn, ) except ClientError: logger.exception( "Request for %s validation of domain %s failed.", method, domain ) raise else: return certificate_arn
-
For API details, see RequestCertificate in AWS SDK for Python (Boto3) API Reference.
-