ImportCertificate
Imports the signing and encryption certificates that you need to create local (AS2) profiles and partner profiles.
Request Syntax
{
"ActiveDate": number
,
"Certificate": "string
",
"CertificateChain": "string
",
"Description": "string
",
"InactiveDate": number
,
"PrivateKey": "string
",
"Tags": [
{
"Key": "string
",
"Value": "string
"
}
],
"Usage": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- ActiveDate
-
An optional date that specifies when the certificate becomes active.
Type: Timestamp
Required: No
- Certificate
-
-
For the CLI, provide a file path for a certificate in URI format. For example,
--certificate file://encryption-cert.pem
. Alternatively, you can provide the raw content. -
For the SDK, specify the raw content of a certificate file. For example,
--certificate "`cat encryption-cert.pem`"
.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 16384.
Pattern:
[\u0009\u000A\u000D\u0020-\u00FF]*
Required: Yes
-
- CertificateChain
-
An optional list of certificates that make up the chain for the certificate that's being imported.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 2097152.
Pattern:
[\u0009\u000A\u000D\u0020-\u00FF]*
Required: No
- Description
-
A short description that helps identify the certificate.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 200.
Pattern:
[\p{Graph}]+
Required: No
- InactiveDate
-
An optional date that specifies when the certificate becomes inactive.
Type: Timestamp
Required: No
- PrivateKey
-
-
For the CLI, provide a file path for a private key in URI format.For example,
--private-key file://encryption-key.pem
. Alternatively, you can provide the raw content of the private key file. -
For the SDK, specify the raw content of a private key file. For example,
--private-key "`cat encryption-key.pem`"
Type: String
Length Constraints: Minimum length of 1. Maximum length of 16384.
Pattern:
[\u0009\u000A\u000D\u0020-\u00FF]*
Required: No
-
- Tags
-
Key-value pairs that can be used to group and search for certificates.
Type: Array of Tag objects
Array Members: Minimum number of 1 item. Maximum number of 50 items.
Required: No
- Usage
-
Specifies how this certificate is used. It can be used in the following ways:
-
SIGNING
: For signing AS2 messages -
ENCRYPTION
: For encrypting AS2 messages -
TLS
: For securing AS2 communications sent over HTTPS
Type: String
Valid Values:
SIGNING | ENCRYPTION | TLS
Required: Yes
-
Response Syntax
{
"CertificateId": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- CertificateId
-
An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
Type: String
Length Constraints: Fixed length of 22.
Pattern:
cert-([0-9a-f]{17})
Errors
For information about the errors that are common to all actions, see Common Errors.
- InternalServiceError
-
This exception is thrown when an error occurs in the AWS Transfer Family service.
HTTP Status Code: 500
- InvalidRequestException
-
This exception is thrown when the client submits a malformed request.
HTTP Status Code: 400
- ResourceNotFoundException
-
This exception is thrown when a resource is not found by the AWSTransfer Family service.
HTTP Status Code: 400
- ServiceUnavailableException
-
The request has failed because the AWSTransfer Family service is not available.
HTTP Status Code: 500
Examples
Example
The following example imports a certificate to use for encryption. In the first command, we provide the contents of the certificate and certificate chain files. Use this format for SDK commands.
aws transfer import-certificate --usage ENCRYPTION --certificate "`cat encryption-cert.pem`" \ --private-key "`cat encryption-key.pem`" --certificate-chain "`cat root-ca.pem`"
Example
The following example is identical to the preceding command, except that we provide the file locations for the private key, certificate, and certificate chain files. This version of the command doesn't work if you are using an SDK.
aws transfer import-certificate --usage ENCRYPTION --certificate file://encryption-cert.pem \ --private-key file://encryption-key.pem --certificate-chain file://root-ca.pem
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: