기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다.
다음 예제에서는 ExportCertificate 함수의 사용법을 보여줍니다. 이 함수는 PKCS #8 형식에 있는 Private Certificate Authority(CA)에서 발급한 사설 인증서를 내보냅니다. (공인 인증서는 ACM에서 발급되었거나 가져왔는지 여부에 관계없이 내보낼 수 없습니다.) 또한 인증서 체인 및 프라이빗 키를 내보냅니다. 이 예제에서는 키에 대한 암호가 로컬 파일에 저장됩니다.
package com.amazonaws.samples;
import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.ExportCertificateRequest;
import com.amazonaws.services.certificatemanager.model.ExportCertificateResult;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.InvalidTagException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
public class ExportCertificate {
public static void main(String[] args) throws Exception {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load your credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.your_region)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Initialize a file descriptor for the passphrase file.
RandomAccessFile file_passphrase = null;
// Initialize a buffer for the passphrase.
ByteBuffer buf_passphrase = null;
// Create a file stream for reading the private key passphrase.
try {
file_passphrase = new RandomAccessFile("C:\\Temp\\password.txt", "r");
}
catch (IllegalArgumentException ex) {
throw ex;
}
catch (SecurityException ex) {
throw ex;
}
catch (FileNotFoundException ex) {
throw ex;
}
// Create a channel to map the file.
FileChannel channel_passphrase = file_passphrase.getChannel();
// Map the file to the buffer.
try {
buf_passphrase = channel_passphrase.map(FileChannel.MapMode.READ_ONLY, 0, channel_passphrase.size());
// Clean up after the file is mapped.
channel_passphrase.close();
file_passphrase.close();
}
catch (IOException ex)
{
throw ex;
}
// Create a request object.
ExportCertificateRequest req = new ExportCertificateRequest();
// Set the certificate ARN.
req.withCertificateArn("arn:aws:acm:region:account:"
+"certificate/M12345678-1234-1234-1234-123456789012");
// Set the passphrase.
req.withPassphrase(buf_passphrase);
// Export the certificate.
ExportCertificateResult result = null;
try {
result = client.exportCertificate(req);
}
catch(InvalidArnException ex)
{
throw ex;
}
catch (InvalidTagException ex)
{
throw ex;
}
catch (ResourceNotFoundException ex)
{
throw ex;
}
// Clear the buffer.
buf_passphrase.clear();
// Display the certificate and certificate chain.
String certificate = result.getCertificate();
System.out.println(certificate);
String certificate_chain = result.getCertificateChain();
System.out.println(certificate_chain);
// This example retrieves but does not display the private key.
String private_key = result.getPrivateKey();
}
}