D'autres AWS SDK exemples sont disponibles dans le GitHub dépôt AWS Doc SDK Examples
Les traductions sont fournies par des outils de traduction automatique. En cas de conflit entre le contenu d'une traduction et celui de la version originale en anglais, la version anglaise prévaudra.
À utiliser DescribeCertificate avec un AWS SDK ou CLI
Les exemples de code suivants montrent comment utiliserDescribeCertificate.
Les exemples d’actions sont des extraits de code de programmes de plus grande envergure et doivent être exécutés en contexte. Vous pouvez voir cette action en contexte dans l’exemple de code suivant :
- .NET
-
- AWS SDK for .NET
-
Note
Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le référentiel d’exemples de code AWS
. using System; using System.Threading.Tasks; using Amazon; using Amazon.CertificateManager; using Amazon.CertificateManager.Model; namespace DescribeCertificate { class DescribeCertificate { // The following example retrieves and displays the metadata for a // certificate using the AWS Certificate Manager (ACM) service. // Specify your AWS Region (an example Region is shown). private static readonly RegionEndpoint ACMRegion = RegionEndpoint.USEast1; private static AmazonCertificateManagerClient _client; static void Main(string[] args) { _client = new Amazon.CertificateManager.AmazonCertificateManagerClient(ACMRegion); var describeCertificateReq = new DescribeCertificateRequest(); // The ARN used here is just an example. Replace it with the ARN of // a certificate that exists on your account. describeCertificateReq.CertificateArn = "arn:aws:acm:us-east-1:123456789012:certificate/8cfd7dae-9b6a-2d07-92bc-1c309EXAMPLE"; var certificateDetailResp = DescribeCertificateResponseAsync(client: _client, request: describeCertificateReq); var certificateDetail = certificateDetailResp.Result.Certificate; if (certificateDetail is not null) { DisplayCertificateDetails(certificateDetail); } } /// <summary> /// Displays detailed metadata about a certificate retrieved /// using the ACM service. /// </summary> /// <param name="certificateDetail">The object that contains details /// returned from the call to DescribeCertificateAsync.</param> static void DisplayCertificateDetails(CertificateDetail certificateDetail) { Console.WriteLine("\nCertificate Details: "); Console.WriteLine($"Certificate Domain: {certificateDetail.DomainName}"); Console.WriteLine($"Certificate Arn: {certificateDetail.CertificateArn}"); Console.WriteLine($"Certificate Subject: {certificateDetail.Subject}"); Console.WriteLine($"Certificate Status: {certificateDetail.Status}"); foreach (var san in certificateDetail.SubjectAlternativeNames) { Console.WriteLine($"Certificate SubjectAlternativeName: {san}"); } } /// <summary> /// Retrieves the metadata associated with the ACM service certificate. /// </summary> /// <param name="client">An AmazonCertificateManagerClient object /// used to call DescribeCertificateResponse.</param> /// <param name="request">The DescribeCertificateRequest object that /// will be passed to the method call.</param> /// <returns></returns> static async Task<DescribeCertificateResponse> DescribeCertificateResponseAsync( AmazonCertificateManagerClient client, DescribeCertificateRequest request) { var response = new DescribeCertificateResponse(); try { response = await client.DescribeCertificateAsync(request); } catch (InvalidArnException) { Console.WriteLine($"Error: The ARN specified is invalid."); } catch (ResourceNotFoundException) { Console.WriteLine($"Error: The specified certificate could not be found."); } return response; } } }-
Pour API plus de détails, voir DescribeCertificatela section AWS SDK for .NET APIRéférence.
-
- C++
-
- SDKpour C++
-
Note
Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le référentiel d’exemples de code AWS
. //! Describe an AWS Certificate Manager (ACM) certificate. /*! \param certificateArn: The Amazon Resource Name (ARN) of a certificate. \param clientConfiguration: AWS client configuration. \return bool: Function succeeded. */ bool AwsDoc::ACM::describeCertificate(const Aws::String &certificateArn, const Aws::Client::ClientConfiguration &clientConfiguration) { Aws::ACM::ACMClient acm_client(clientConfiguration); Aws::ACM::Model::DescribeCertificateRequest request; request.WithCertificateArn(certificateArn); Aws::ACM::Model::DescribeCertificateOutcome outcome = acm_client.DescribeCertificate(request); if (!outcome.IsSuccess()) { std::cerr << "Error: DescribeCertificate: " << outcome.GetError().GetMessage() << std::endl; } else { Aws::ACM::Model::CertificateDetail certificate = outcome.GetResult().GetCertificate(); std::cout << "Success: Information about certificate " "with ARN '" << certificateArn << "':" << std::endl << std::endl; std::cout << "ARN: " << certificate.GetCertificateArn() << std::endl; std::cout << "Authority ARN: " << certificate.GetCertificateAuthorityArn() << std::endl; std::cout << "Created at (GMT): " << certificate.GetCreatedAt().ToGmtString( Aws::Utils::DateFormat::ISO_8601) << std::endl; std::cout << "Domain name: " << certificate.GetDomainName() << std::endl; Aws::Vector<Aws::ACM::Model::DomainValidation> options = certificate.GetDomainValidationOptions(); if (!options.empty()) { std::cout << std::endl << "Domain validation information: " << std::endl << std::endl; for (auto &validation: options) { std::cout << " Domain name: " << validation.GetDomainName() << std::endl; const Aws::ACM::Model::ResourceRecord &record = validation.GetResourceRecord(); std::cout << " Resource record name: " << record.GetName() << std::endl; Aws::ACM::Model::RecordType recordType = record.GetType(); Aws::String type; switch (recordType) { case Aws::ACM::Model::RecordType::CNAME: type = "CNAME"; break; case Aws::ACM::Model::RecordType::NOT_SET: type = "Not set"; break; default: type = "Cannot determine."; break; } std::cout << " Resource record type: " << type << std::endl; std::cout << " Resource record value: " << record.GetValue() << std::endl; std::cout << " Validation domain: " << validation.GetValidationDomain() << std::endl; Aws::Vector<Aws::String> emails = validation.GetValidationEmails(); if (!emails.empty()) { std::cout << " Validation emails:" << std::endl << std::endl; for (auto &email: emails) { std::cout << " " << email << std::endl; } std::cout << std::endl; } Aws::ACM::Model::ValidationMethod validationMethod = validation.GetValidationMethod(); Aws::String method; switch (validationMethod) { case Aws::ACM::Model::ValidationMethod::DNS: method = "DNS"; break; case Aws::ACM::Model::ValidationMethod::EMAIL: method = "Email"; break; case Aws::ACM::Model::ValidationMethod::NOT_SET: method = "Not set"; break; default: method = "Cannot determine"; } std::cout << " Validation method: " << method << std::endl; Aws::ACM::Model::DomainStatus domainStatus = validation.GetValidationStatus(); Aws::String status; switch (domainStatus) { case Aws::ACM::Model::DomainStatus::FAILED: status = "Failed"; break; case Aws::ACM::Model::DomainStatus::NOT_SET: status = "Not set"; break; case Aws::ACM::Model::DomainStatus::PENDING_VALIDATION: status = "Pending validation"; break; case Aws::ACM::Model::DomainStatus::SUCCESS: status = "Success"; break; default: status = "Cannot determine"; } std::cout << " Domain validation status: " << status << std::endl << std::endl; } } Aws::Vector<Aws::ACM::Model::ExtendedKeyUsage> usages = certificate.GetExtendedKeyUsages(); if (!usages.empty()) { std::cout << std::endl << "Extended key usages:" << std::endl << std::endl; for (auto &usage: usages) { Aws::ACM::Model::ExtendedKeyUsageName usageName = usage.GetName(); Aws::String name; switch (usageName) { case Aws::ACM::Model::ExtendedKeyUsageName::ANY: name = "Any"; break; case Aws::ACM::Model::ExtendedKeyUsageName::CODE_SIGNING: name = "Code signing"; break; case Aws::ACM::Model::ExtendedKeyUsageName::CUSTOM: name = "Custom"; break; case Aws::ACM::Model::ExtendedKeyUsageName::EMAIL_PROTECTION: name = "Email protection"; break; case Aws::ACM::Model::ExtendedKeyUsageName::IPSEC_END_SYSTEM: name = "IPSEC end system"; break; case Aws::ACM::Model::ExtendedKeyUsageName::IPSEC_TUNNEL: name = "IPSEC tunnel"; break; case Aws::ACM::Model::ExtendedKeyUsageName::IPSEC_USER: name = "IPSEC user"; break; case Aws::ACM::Model::ExtendedKeyUsageName::NONE: name = "None"; break; case Aws::ACM::Model::ExtendedKeyUsageName::NOT_SET: name = "Not set"; break; case Aws::ACM::Model::ExtendedKeyUsageName::OCSP_SIGNING: name = "OCSP signing"; break; case Aws::ACM::Model::ExtendedKeyUsageName::TIME_STAMPING: name = "Time stamping"; break; case Aws::ACM::Model::ExtendedKeyUsageName::TLS_WEB_CLIENT_AUTHENTICATION: name = "TLS web client authentication"; break; case Aws::ACM::Model::ExtendedKeyUsageName::TLS_WEB_SERVER_AUTHENTICATION: name = "TLS web server authentication"; break; default: name = "Cannot determine"; } std::cout << " Name: " << name << std::endl; std::cout << " OID: " << usage.GetOID() << std::endl << std::endl; } std::cout << std::endl; } Aws::ACM::Model::CertificateStatus certificateStatus = certificate.GetStatus(); Aws::String status; switch (certificateStatus) { case Aws::ACM::Model::CertificateStatus::EXPIRED: status = "Expired"; break; case Aws::ACM::Model::CertificateStatus::FAILED: status = "Failed"; break; case Aws::ACM::Model::CertificateStatus::INACTIVE: status = "Inactive"; break; case Aws::ACM::Model::CertificateStatus::ISSUED: status = "Issued"; break; case Aws::ACM::Model::CertificateStatus::NOT_SET: status = "Not set"; break; case Aws::ACM::Model::CertificateStatus::PENDING_VALIDATION: status = "Pending validation"; break; case Aws::ACM::Model::CertificateStatus::REVOKED: status = "Revoked"; break; case Aws::ACM::Model::CertificateStatus::VALIDATION_TIMED_OUT: status = "Validation timed out"; break; default: status = "Cannot determine"; } std::cout << "Status: " << status << std::endl; if (certificate.GetStatus() == Aws::ACM::Model::CertificateStatus::FAILED) { Aws::ACM::Model::FailureReason failureReason = certificate.GetFailureReason(); Aws::String reason; switch (failureReason) { case Aws::ACM::Model::FailureReason::ADDITIONAL_VERIFICATION_REQUIRED: reason = "Additional verification required"; break; case Aws::ACM::Model::FailureReason::CAA_ERROR: reason = "CAA error"; break; case Aws::ACM::Model::FailureReason::DOMAIN_NOT_ALLOWED: reason = "Domain not allowed"; break; case Aws::ACM::Model::FailureReason::DOMAIN_VALIDATION_DENIED: reason = "Domain validation denied"; break; case Aws::ACM::Model::FailureReason::INVALID_PUBLIC_DOMAIN: reason = "Invalid public domain"; break; case Aws::ACM::Model::FailureReason::NOT_SET: reason = "Not set"; break; case Aws::ACM::Model::FailureReason::NO_AVAILABLE_CONTACTS: reason = "No available contacts"; break; case Aws::ACM::Model::FailureReason::OTHER: reason = "Other"; break; case Aws::ACM::Model::FailureReason::PCA_ACCESS_DENIED: reason = "PCA access denied"; break; case Aws::ACM::Model::FailureReason::PCA_INVALID_ARGS: reason = "PCA invalid args"; break; case Aws::ACM::Model::FailureReason::PCA_INVALID_ARN: reason = "PCA invalid ARN"; break; case Aws::ACM::Model::FailureReason::PCA_INVALID_DURATION: reason = "PCA invalid duration"; break; case Aws::ACM::Model::FailureReason::PCA_INVALID_STATE: reason = "PCA invalid state"; break; case Aws::ACM::Model::FailureReason::PCA_LIMIT_EXCEEDED: reason = "PCA limit exceeded"; break; case Aws::ACM::Model::FailureReason::PCA_NAME_CONSTRAINTS_VALIDATION: reason = "PCA name constraints validation"; break; case Aws::ACM::Model::FailureReason::PCA_REQUEST_FAILED: reason = "PCA request failed"; break; case Aws::ACM::Model::FailureReason::PCA_RESOURCE_NOT_FOUND: reason = "PCA resource not found"; break; default: reason = "Cannot determine"; } std::cout << "Failure reason: " << reason << std::endl; } if (certificate.GetStatus() == Aws::ACM::Model::CertificateStatus::REVOKED) { std::cout << "Revoked at (GMT): " << certificate.GetRevokedAt().ToGmtString( Aws::Utils::DateFormat::ISO_8601) << std::endl; Aws::ACM::Model::RevocationReason revocationReason = certificate.GetRevocationReason(); Aws::String reason; switch (revocationReason) { case Aws::ACM::Model::RevocationReason::AFFILIATION_CHANGED: reason = "Affiliation changed"; break; case Aws::ACM::Model::RevocationReason::A_A_COMPROMISE: reason = "AA compromise"; break; case Aws::ACM::Model::RevocationReason::CA_COMPROMISE: reason = "CA compromise"; break; case Aws::ACM::Model::RevocationReason::CERTIFICATE_HOLD: reason = "Certificate hold"; break; case Aws::ACM::Model::RevocationReason::CESSATION_OF_OPERATION: reason = "Cessation of operation"; break; case Aws::ACM::Model::RevocationReason::KEY_COMPROMISE: reason = "Key compromise"; break; case Aws::ACM::Model::RevocationReason::NOT_SET: reason = "Not set"; break; case Aws::ACM::Model::RevocationReason::PRIVILEGE_WITHDRAWN: reason = "Privilege withdrawn"; break; case Aws::ACM::Model::RevocationReason::REMOVE_FROM_CRL: reason = "Revoke from CRL"; break; case Aws::ACM::Model::RevocationReason::SUPERCEDED: reason = "Superceded"; break; case Aws::ACM::Model::RevocationReason::UNSPECIFIED: reason = "Unspecified"; break; default: reason = "Cannot determine"; } std::cout << "Revocation reason: " << reason << std::endl; } if (certificate.GetType() == Aws::ACM::Model::CertificateType::IMPORTED) { std::cout << "Imported at (GMT): " << certificate.GetImportedAt().ToGmtString( Aws::Utils::DateFormat::ISO_8601) << std::endl; } Aws::Vector<Aws::String> inUseBys = certificate.GetInUseBy(); if (!inUseBys.empty()) { std::cout << std::endl << "In use by:" << std::endl << std::endl; for (auto &in_use_by: inUseBys) { std::cout << " " << in_use_by << std::endl; } std::cout << std::endl; } if (certificate.GetType() == Aws::ACM::Model::CertificateType::AMAZON_ISSUED && certificate.GetStatus() == Aws::ACM::Model::CertificateStatus::ISSUED) { std::cout << "Issued at (GMT): " << certificate.GetIssuedAt().ToGmtString( Aws::Utils::DateFormat::ISO_8601) << std::endl; } std::cout << "Issuer: " << certificate.GetIssuer() << std::endl; Aws::ACM::Model::KeyAlgorithm keyAlgorithm = certificate.GetKeyAlgorithm(); Aws::String algorithm; switch (keyAlgorithm) { case Aws::ACM::Model::KeyAlgorithm::EC_prime256v1: algorithm = "P-256 (secp256r1, prime256v1)"; break; case Aws::ACM::Model::KeyAlgorithm::EC_secp384r1: algorithm = "P-384 (secp384r1)"; break; case Aws::ACM::Model::KeyAlgorithm::EC_secp521r1: algorithm = "P-521 (secp521r1)"; break; case Aws::ACM::Model::KeyAlgorithm::NOT_SET: algorithm = "Not set"; break; case Aws::ACM::Model::KeyAlgorithm::RSA_1024: algorithm = "RSA 1024"; break; case Aws::ACM::Model::KeyAlgorithm::RSA_2048: algorithm = "RSA 2048"; break; case Aws::ACM::Model::KeyAlgorithm::RSA_4096: algorithm = "RSA 4096"; break; default: algorithm = "Cannot determine"; } std::cout << "Key algorithm: " << algorithm << std::endl; if (certificate.GetStatus() == Aws::ACM::Model::CertificateStatus::ISSUED) { std::cout << "Not valid after (GMT): " << certificate.GetNotAfter().ToGmtString( Aws::Utils::DateFormat::ISO_8601) << std::endl; std::cout << "Not valid before (GMT): " << certificate.GetNotBefore().ToGmtString( Aws::Utils::DateFormat::ISO_8601) << std::endl; } Aws::ACM::Model::CertificateTransparencyLoggingPreference loggingPreference = certificate.GetOptions().GetCertificateTransparencyLoggingPreference(); Aws::String preference; switch (loggingPreference) { case Aws::ACM::Model::CertificateTransparencyLoggingPreference::DISABLED: preference = "Disabled"; break; case Aws::ACM::Model::CertificateTransparencyLoggingPreference::ENABLED: preference = "Enabled"; break; case Aws::ACM::Model::CertificateTransparencyLoggingPreference::NOT_SET: preference = "Not set"; break; default: preference = "Cannot determine"; } std::cout << "Logging preference: " << preference << std::endl; std::cout << "Serial: " << certificate.GetSerial() << std::endl; std::cout << "Signature algorithm: " << certificate.GetSignatureAlgorithm() << std::endl; std::cout << "Subject: " << certificate.GetSubject() << std::endl; Aws::ACM::Model::CertificateType certificateType = certificate.GetType(); Aws::String type; switch (certificateType) { case Aws::ACM::Model::CertificateType::AMAZON_ISSUED: type = "Amazon issued"; break; case Aws::ACM::Model::CertificateType::IMPORTED: type = "Imported"; break; case Aws::ACM::Model::CertificateType::NOT_SET: type = "Not set"; break; case Aws::ACM::Model::CertificateType::PRIVATE_: type = "Private"; break; default: type = "Cannot determine"; } std::cout << "Type: " << type << std::endl; Aws::Vector<Aws::String> altNames = certificate.GetSubjectAlternativeNames(); if (!altNames.empty()) { std::cout << std::endl << "Alternative names:" << std::endl << std::endl; for (auto &alt_name: altNames) { std::cout << " " << alt_name << std::endl; } std::cout << std::endl; } } return outcome.IsSuccess(); }-
Pour API plus de détails, voir DescribeCertificatela section AWS SDK for C++ APIRéférence.
-
- CLI
-
- AWS CLI
-
Pour récupérer les champs contenus dans un ACM certificat
La
describe-certificatecommande suivante permet de récupérer tous les champs du certificat avec la valeur spécifiée ARN :aws acm describe-certificate --certificate-arnarn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012Un résultat similaire à ce qui suit s'affiche :
{ "Certificate": { "CertificateArn": "arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012", "CreatedAt": 1446835267.0, "DomainName": "www.example.com", "DomainValidationOptions": [ { "DomainName": "www.example.com", "ValidationDomain": "www.example.com", "ValidationEmails": [ "hostmaster@example.com", "admin@example.com", "owner@example.com.whoisprivacyservice.org", "tech@example.com.whoisprivacyservice.org", "admin@example.com.whoisprivacyservice.org", "postmaster@example.com", "webmaster@example.com", "administrator@example.com" ] }, { "DomainName": "www.example.net", "ValidationDomain": "www.example.net", "ValidationEmails": [ "postmaster@example.net", "admin@example.net", "owner@example.net.whoisprivacyservice.org", "tech@example.net.whoisprivacyservice.org", "admin@example.net.whoisprivacyservice.org", "hostmaster@example.net", "administrator@example.net", "webmaster@example.net" ] } ], "InUseBy": [], "IssuedAt": 1446835815.0, "Issuer": "Amazon", "KeyAlgorithm": "RSA-2048", "NotAfter": 1478433600.0, "NotBefore": 1446768000.0, "Serial": "0f:ac:b0:a3:8d:ea:65:52:2d:7d:01:3a:39:36:db:d6", "SignatureAlgorithm": "SHA256WITHRSA", "Status": "ISSUED", "Subject": "CN=www.example.com", "SubjectAlternativeNames": [ "www.example.com", "www.example.net" ] } }-
Pour API plus de détails, voir DescribeCertificate
la section Référence des AWS CLI commandes.
-
- PowerShell
-
- Outils pour PowerShell
-
Exemple 1 : renvoie les détails du certificat spécifié.
Get-ACMCertificateDetail -CertificateArn "arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012"Sortie :
CertificateArn : arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012 CreatedAt : 1/21/2016 5:55:59 PM DomainName : www.example.com DomainValidationOptions : {www.example.com} InUseBy : {} IssuedAt : 1/1/0001 12:00:00 AM Issuer : KeyAlgorithm : RSA-2048 NotAfter : 1/1/0001 12:00:00 AM NotBefore : 1/1/0001 12:00:00 AM RevocationReason : RevokedAt : 1/1/0001 12:00:00 AM Serial : SignatureAlgorithm : SHA256WITHRSA Status : PENDING_VALIDATION Subject : CN=www.example.com SubjectAlternativeNames : {www.example.net}-
Pour API plus de détails, consultez la section DescribeCertificateRéférence des AWS Tools for PowerShell applets de commande.
-
- Python
-
- SDKpour Python (Boto3)
-
Note
Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le référentiel d’exemples de code AWS
. class AcmCertificate: """ Encapsulates ACM functions. """ def __init__(self, acm_client): """ :param acm_client: A Boto3 ACM client. """ self.acm_client = acm_client def describe(self, certificate_arn): """ Gets certificate metadata. :param certificate_arn: The Amazon Resource Name (ARN) of the certificate. :return: Metadata about the certificate. """ try: response = self.acm_client.describe_certificate( CertificateArn=certificate_arn ) certificate = response["Certificate"] logger.info( "Got metadata for certificate for domain %s.", certificate["DomainName"] ) except ClientError: logger.exception("Couldn't get data for certificate %s.", certificate_arn) raise else: return certificate-
Pour API plus de détails, reportez-vous DescribeCertificateà la section AWS SDKpour la référence Python (Boto3). API
-
DeleteCertificate
ExportCertificate