/AWS1/CL_IOT=>CREATECERTIFICATEFROMCSR()
¶
About CreateCertificateFromCsr¶
Creates an X.509 certificate using the specified certificate signing request.
Requires permission to access the CreateCertificateFromCsr action.
The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256, NIST P-384, or NIST P-521 curves. For supported certificates, consult Certificate signing algorithms supported by IoT.
Reusing the same certificate signing request (CSR) results in a distinct certificate.
You can create multiple certificates in a batch by creating a directory, copying
multiple .csr
files into that directory, and then specifying that directory on the command
line. The following commands show how to create a batch of certificates given a batch of
CSRs. In the following commands, we assume that a set of CSRs are located inside of the
directory my-csr-directory:
On Linux and OS X, the command is:
$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr
--certificate-signing-request file://my-csr-directory/{}
This command lists all of the CSRs in my-csr-directory and pipes each CSR file name
to the aws iot create-certificate-from-csr
Amazon Web Services CLI command to create a certificate for
the corresponding CSR.
You can also run the aws iot create-certificate-from-csr
part of the
command in parallel to speed up the certificate creation process:
$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr
--certificate-signing-request file://my-csr-directory/{}
On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:
> ls -Name my-csr-directory | %{aws iot create-certificate-from-csr
--certificate-signing-request file://my-csr-directory/$_}
On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:
> forfiles /p my-csr-directory /c "cmd /c aws iot create-certificate-from-csr
--certificate-signing-request file://@path"
Method Signature¶
IMPORTING¶
Required arguments:¶
IV_CERTIFICATESIGNINGREQUEST
TYPE /AWS1/IOTCERTSIGNINGREQUEST
/AWS1/IOTCERTSIGNINGREQUEST
¶
The certificate signing request (CSR).
Optional arguments:¶
IV_SETASACTIVE
TYPE /AWS1/IOTSETASACTIVE
/AWS1/IOTSETASACTIVE
¶
Specifies whether the certificate is active.