ImportCertificate - AWS Transfer Family

ImportCertificate

Imports the signing and encryption certificates that you need to create local (AS2) profiles and partner profiles.

Request Syntax

{ "ActiveDate": number, "Certificate": "string", "CertificateChain": "string", "Description": "string", "InactiveDate": number, "PrivateKey": "string", "Tags": [ { "Key": "string", "Value": "string" } ], "Usage": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

ActiveDate

An optional date that specifies when the certificate becomes active.

Type: Timestamp

Required: No

Certificate
  • For the CLI, provide a file path for a certificate in URI format. For example, --certificate file://encryption-cert.pem. Alternatively, you can provide the raw content.

  • For the SDK, specify the raw content of a certificate file. For example, --certificate "`cat encryption-cert.pem`".

Type: String

Length Constraints: Minimum length of 1. Maximum length of 16384.

Pattern: [\u0009\u000A\u000D\u0020-\u00FF]*

Required: Yes

CertificateChain

An optional list of certificates that make up the chain for the certificate that's being imported.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2097152.

Pattern: [\u0009\u000A\u000D\u0020-\u00FF]*

Required: No

Description

A short description that helps identify the certificate.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 200.

Pattern: [\p{Graph}]+

Required: No

InactiveDate

An optional date that specifies when the certificate becomes inactive.

Type: Timestamp

Required: No

PrivateKey
  • For the CLI, provide a file path for a private key in URI format.For example, --private-key file://encryption-key.pem. Alternatively, you can provide the raw content of the private key file.

  • For the SDK, specify the raw content of a private key file. For example, --private-key "`cat encryption-key.pem`"

Type: String

Length Constraints: Minimum length of 1. Maximum length of 16384.

Pattern: [\u0009\u000A\u000D\u0020-\u00FF]*

Required: No

Tags

Key-value pairs that can be used to group and search for certificates.

Type: Array of Tag objects

Array Members: Minimum number of 1 item. Maximum number of 50 items.

Required: No

Usage

Specifies how this certificate is used. It can be used in the following ways:

  • SIGNING: For signing AS2 messages

  • ENCRYPTION: For encrypting AS2 messages

  • TLS: For securing AS2 communications sent over HTTPS

Type: String

Valid Values: SIGNING | ENCRYPTION | TLS

Required: Yes

Response Syntax

{ "CertificateId": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

CertificateId

An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.

Type: String

Length Constraints: Fixed length of 22.

Pattern: cert-([0-9a-f]{17})

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServiceError

This exception is thrown when an error occurs in the AWS Transfer Family service.

HTTP Status Code: 500

InvalidRequestException

This exception is thrown when the client submits a malformed request.

HTTP Status Code: 400

ResourceNotFoundException

This exception is thrown when a resource is not found by the AWSTransfer Family service.

HTTP Status Code: 400

ServiceUnavailableException

The request has failed because the AWSTransfer Family service is not available.

HTTP Status Code: 500

Examples

Example

The following example imports a certificate to use for encryption. In the first command, we provide the contents of the certificate and certificate chain files. Use this format for SDK commands.

aws transfer import-certificate --usage ENCRYPTION --certificate "`cat encryption-cert.pem`" \ --private-key "`cat encryption-key.pem`" --certificate-chain "`cat root-ca.pem`"

Example

The following example is identical to the preceding command, except that we provide the file locations for the private key, certificate, and certificate chain files. This version of the command doesn't work if you are using an SDK.

aws transfer import-certificate --usage ENCRYPTION --certificate file://encryption-cert.pem \ --private-key file://encryption-key.pem --certificate-chain file://root-ca.pem

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: