文档 AWS SDK 示例 GitHub 存储库中还有更多 [S AWS DK 示例](https://github.com/awsdocs/aws-doc-sdk-examples)。
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
# 使用适用于 Java 的 SDK 2.x 的 ACM 示例
以下代码示例向您展示了如何使用 AWS SDK for Java 2.x 与 ACM 配合使用来执行操作和实现常见场景。
*操作*是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景的上下文查看操作。
每个示例都包含一个指向完整源代码的链接,您可以从中找到有关如何在上下文中设置和运行代码的说明。
**Topics**
+ [操作](#actions)
## 操作
### `AddTagsToCertificate`
以下代码示例演示了如何使用 `AddTagsToCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class AddTagsToCertificate {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
addTags(certArn);
}
/**
* Adds tags to a certificate in AWS Certificate Manager (ACM).
*
* @param certArn the Amazon Resource Name (ARN) of the certificate to add tags to
*/
public static void addTags(String certArn) {
AcmClient acmClient = AcmClient.create();
List expectedTags = List.of(Tag.builder().key("key").value("value").build());
AddTagsToCertificateRequest addTagsToCertificateRequest = AddTagsToCertificateRequest.builder()
.certificateArn(certArn)
.tags(expectedTags)
.build();
try {
acmClient.addTagsToCertificate(addTagsToCertificateRequest);
System.out.println("Successfully added tags to a certificate");
} catch (AcmException e) {
System.out.println(e.getMessage());
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[AddTagsToCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/AddTagsToCertificate)*中的。
### `DeleteCertificate`
以下代码示例演示了如何使用 `DeleteCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class DeleteCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
deleteCertificate(certArn);
}
/**
* Deletes an SSL/TLS certificate from the AWS Certificate Manager (ACM).
*
* @param certArn the Amazon Resource Name (ARN) of the certificate to be deleted
*/
public static void deleteCertificate( String certArn) {
AcmClient acmClient = AcmClient.create();
DeleteCertificateRequest request = DeleteCertificateRequest.builder()
.certificateArn(certArn)
.build();
try {
acmClient.deleteCertificate(request);
System.out.println("The certificate was deleted");
} catch (AcmException e) {
System.out.println(e.getMessage());
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DeleteCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/DeleteCertificate)*中的。
### `DescribeCertificate`
以下代码示例演示了如何使用 `DescribeCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class DescribeCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
describeCertificate(certArn);
}
/**
* Describes the details of an SSL/TLS certificate.
*
* @param certArn the Amazon Resource Name (ARN) of the certificate to describe
* @throws AcmException if an error occurs while describing the certificate
*/
public static void describeCertificate(String certArn) {
AcmClient acmClient = AcmClient.create();
DescribeCertificateRequest req = DescribeCertificateRequest.builder()
.certificateArn(certArn)
.build();
try {
DescribeCertificateResponse response = acmClient.describeCertificate(req);
// Print the certificate details.
System.out.println("Certificate ARN: " + response.certificate().certificateArn());
System.out.println("Domain Name: " + response.certificate().domainName());
System.out.println("Issued By: " + response.certificate().issuer());
System.out.println("Issued On: " + response.certificate().issuedAt());
System.out.println("Status: " + response.certificate().status());
} catch (AcmException e) {
System.out.println(e.getMessage());
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[DescribeCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/DescribeCertificate)*中的。
### `ExportCertificate`
以下代码示例演示了如何使用 `ExportCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ExportCertificate {
public static void main(String[] args) throws Exception {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
exportCert(certArn);
}
/**
* Exports an SSL/TLS certificate and its associated private key and certificate chain from AWS Certificate Manager (ACM).
*
* @param certArn The Amazon Resource Name (ARN) of the certificate that you want to export.
* @throws IOException If an I/O error occurs while reading the private key passphrase file or exporting the certificate.
*/
public static void exportCert(String certArn) throws IOException {
AcmClient acmClient = AcmClient.create();
// Initialize a file descriptor for the passphrase file.
RandomAccessFile filePassphrase = null;
ByteBuffer bufPassphrase = null;
// Create a file stream for reading the private key passphrase.
try {
filePassphrase = new RandomAccessFile("C:\\AWS\\password.txt", "r");
} catch (IllegalArgumentException | SecurityException | FileNotFoundException ex) {
throw ex;
}
// Create a channel to map the file.
FileChannel channelPassphrase = filePassphrase.getChannel();
// Map the file to the buffer.
try {
bufPassphrase = channelPassphrase.map(FileChannel.MapMode.READ_ONLY, 0, channelPassphrase.size());
channelPassphrase.close();
filePassphrase.close();
} catch (IOException ex) {
throw ex;
}
// Create a request object.
ExportCertificateRequest req = ExportCertificateRequest.builder()
.certificateArn(certArn)
.passphrase(SdkBytes.fromByteBuffer(bufPassphrase))
.build();
// Export the certificate.
ExportCertificateResponse result = null;
try {
result = acmClient.exportCertificate(req);
} catch (InvalidArnException | InvalidTagException | ResourceNotFoundException ex) {
throw ex;
}
// Clear the buffer.
bufPassphrase.clear();
// Display the certificate and certificate chain.
String certificate = result.certificate();
System.out.println(certificate);
String certificateChain = result.certificateChain();
System.out.println(certificateChain);
// This example retrieves but does not display the private key.
String privateKey = result.privateKey();
System.out.println("The example is complete");
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[ExportCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ExportCertificate)*中的。
### `ImportCertificate`
以下代码示例演示了如何使用 `ImportCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ImportCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
bucketName - The name of the S3 bucket containing the certificate and private key.
certificateKey - The object key for the SSL/TLS certificate file in S3.
privateKeyKey - The object key for the private key file in S3.
""";
if (args.length != 3) {
System.out.println(usage);
return;
}
String bucketName = args[0];
String certificateKey = args[1];
String privateKeyKey = args[2];
String certificateArn = importCertificate(bucketName, certificateKey, privateKeyKey);
System.out.println("Certificate imported with ARN: " + certificateArn);
}
/**
* Imports an SSL/TLS certificate and private key from S3 into AWS Certificate Manager (ACM).
*
* @param bucketName The name of the S3 bucket.
* @param certificateKey The key for the SSL/TLS certificate file in S3.
* @param privateKeyKey The key for the private key file in S3.
* @return The ARN of the imported certificate.
*/
public static String importCertificate(String bucketName, String certificateKey, String privateKeyKey) {
AcmClient acmClient = AcmClient.create();
S3Client s3Client = S3Client.create();
try {
byte[] certificateBytes = downloadFileFromS3(s3Client, bucketName, certificateKey);
byte[] privateKeyBytes = downloadFileFromS3(s3Client, bucketName, privateKeyKey);
ImportCertificateRequest request = ImportCertificateRequest.builder()
.certificate(SdkBytes.fromByteBuffer(ByteBuffer.wrap(certificateBytes)))
.privateKey(SdkBytes.fromByteBuffer(ByteBuffer.wrap(privateKeyBytes)))
.build();
ImportCertificateResponse response = acmClient.importCertificate(request);
return response.certificateArn();
} catch (IOException e) {
System.err.println("Error downloading certificate or private key from S3: " + e.getMessage());
} catch (S3Exception e) {
System.err.println("S3 error: " + e.awsErrorDetails().errorMessage());
}
return "";
}
/**
* Downloads a file from Amazon S3 and returns its contents as a byte array.
*
* @param s3Client The S3 client.
* @param bucketName The name of the S3 bucket.
* @param objectKey The key of the object in S3.
* @return The file contents as a byte array.
* @throws IOException If an I/O error occurs.
*/
private static byte[] downloadFileFromS3(S3Client s3Client, String bucketName, String objectKey) throws IOException {
GetObjectRequest getObjectRequest = GetObjectRequest.builder()
.bucket(bucketName)
.key(objectKey)
.build();
try (ResponseInputStream s3Object = s3Client.getObject(getObjectRequest);
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream()) {
IoUtils.copy(s3Object, byteArrayOutputStream);
return byteArrayOutputStream.toByteArray();
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[ImportCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ImportCertificate)*中的。
### `ListCertificates`
以下代码示例演示了如何使用 `ListCertificates`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ListCerts {
public static void main(String[] args) {
listCertificates();
}
/**
* Lists all the certificates managed by AWS Certificate Manager (ACM) that have a status of "ISSUED".
*/
public static void listCertificates() {
AcmClient acmClient = AcmClient.create();
try {
ListCertificatesRequest listRequest = ListCertificatesRequest.builder()
.certificateStatuses(CertificateStatus.ISSUED)
.maxItems(100)
.build();
ListCertificatesIterable listResponse = acmClient.listCertificatesPaginator(listRequest);
// Print the certificate details using streams
listResponse.certificateSummaryList().stream()
.forEach(certificate -> {
System.out.println("Certificate ARN: " + certificate.certificateArn());
System.out.println("Certificate Domain Name: " + certificate.domainName());
System.out.println("Certificate Status: " + certificate.statusAsString());
System.out.println("---");
});
} catch (AcmException e) {
System.err.println(e.getMessage());
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[ListCertificates](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ListCertificates)*中的。
### `ListTagsForCertificate`
以下代码示例演示了如何使用 `ListTagsForCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ListCertTags {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
listCertTags(certArn);
}
/**
* Lists the tags associated with an AWS Certificate Manager (ACM) certificate.
*
* @param certArn the Amazon Resource Name (ARN) of the ACM certificate
*/
public static void listCertTags(String certArn) {
AcmClient acmClient = AcmClient.create();
ListTagsForCertificateRequest request = ListTagsForCertificateRequest.builder()
.certificateArn(certArn)
.build();
ListTagsForCertificateResponse response = acmClient.listTagsForCertificate(request);
List tagList = response.tags();
tagList.forEach(tag -> {
System.out.println("Key: " + tag.key());
System.out.println("Value: " + tag.value());
});
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[ListTagsForCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ListTagsForCertificate)*中的。
### `RemoveTagsFromCertificate`
以下代码示例演示了如何使用 `RemoveTagsFromCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class RemoveTagsFromCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
removeTags(certArn);
}
/**
* Removes tags from an AWS Certificate Manager (ACM) certificate.
*
* @param certArn the Amazon Resource Name (ARN) of the certificate from which to remove tags
*/
public static void removeTags(String certArn) {
AcmClient acmClient = AcmClient.create();
List expectedTags = List.of(Tag.builder().key("key").value("value").build());
RemoveTagsFromCertificateRequest req = RemoveTagsFromCertificateRequest.builder()
.certificateArn(certArn)
.tags(expectedTags)
.build();
try {
acmClient.removeTagsFromCertificate(req);
System.out.println("Successfully removed tags from the certificate");
} catch (AcmException e) {
System.err.println(e.getMessage());
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[RemoveTagsFromCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/RemoveTagsFromCertificate)*中的。
### `RenewCertificate`
以下代码示例演示了如何使用 `RenewCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class RenewCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
renewCertificate(certArn);
}
/**
* Renews an existing SSL/TLS certificate in AWS Certificate Manager (ACM).
*
* @param certArn The Amazon Resource Name (ARN) of the certificate to be renewed.
* @throws AcmException If there is an error renewing the certificate.
*/
public static void renewCertificate(String certArn) {
AcmClient acmClient = AcmClient.create();
RenewCertificateRequest certificateRequest = RenewCertificateRequest.builder()
.certificateArn(certArn)
.build();
try {
acmClient.renewCertificate(certificateRequest);
System.out.println("The certificate was renewed");
} catch(AcmException e){
System.out.println(e.getMessage());
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[RenewCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/RenewCertificate)*中的。
### `RequestCertificate`
以下代码示例演示了如何使用 `RequestCertificate`。
**适用于 Java 的 SDK 2.x**
还有更多相关信息 GitHub。在 [AWS 代码示例存储库](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中查找完整示例,了解如何进行设置和运行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class RequestCert {
public static void main(String[] args) {
requestCertificate();
}
/**
* Requests a certificate from the AWS Certificate Manager (ACM) service.
*/
public static void requestCertificate() {
AcmClient acmClient = AcmClient.create();
ArrayList san = new ArrayList<>();
san.add("www.example.com");
RequestCertificateRequest req = RequestCertificateRequest.builder()
.domainName("example.com")
.idempotencyToken("1Aq25pTy")
.subjectAlternativeNames(san)
.build();
try {
RequestCertificateResponse response = acmClient.requestCertificate(req);
System.out.println("Cert ARN IS " + response.certificateArn());
} catch (AcmException e) {
System.err.println(e.getMessage());
}
}
}
```
+ 有关 API 的详细信息,请参阅 *AWS SDK for Java 2.x API 参考[RequestCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/RequestCertificate)*中的。