文件 AWS 開發套件範例 GitHub 儲存庫中有更多可用的 [AWS SDK 範例](https://github.com/awsdocs/aws-doc-sdk-examples)。
本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# 使用適用於 Java 2.x 的 SDK 的 ACM 範例
下列程式碼範例示範如何使用 AWS SDK for Java 2.x 搭配 ACM 執行動作和實作常見案例。
*Actions* 是大型程式的程式碼摘錄,必須在內容中執行。雖然動作會告訴您如何呼叫個別服務函數,但您可以在其相關情境中查看內容中的動作。
每個範例均包含完整原始碼的連結,您可在連結中找到如何設定和執行內容中程式碼的相關指示。
**Topics**
+ [動作](#actions)
## 動作
### `AddTagsToCertificate`
以下程式碼範例顯示如何使用 `AddTagsToCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class AddTagsToCertificate {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
addTags(certArn);
}
/**
* Adds tags to a certificate in AWS Certificate Manager (ACM).
*
* @param certArn the Amazon Resource Name (ARN) of the certificate to add tags to
*/
public static void addTags(String certArn) {
AcmClient acmClient = AcmClient.create();
List expectedTags = List.of(Tag.builder().key("key").value("value").build());
AddTagsToCertificateRequest addTagsToCertificateRequest = AddTagsToCertificateRequest.builder()
.certificateArn(certArn)
.tags(expectedTags)
.build();
try {
acmClient.addTagsToCertificate(addTagsToCertificateRequest);
System.out.println("Successfully added tags to a certificate");
} catch (AcmException e) {
System.out.println(e.getMessage());
}
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [AddTagsToCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/AddTagsToCertificate)。
### `DeleteCertificate`
以下程式碼範例顯示如何使用 `DeleteCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class DeleteCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
deleteCertificate(certArn);
}
/**
* Deletes an SSL/TLS certificate from the AWS Certificate Manager (ACM).
*
* @param certArn the Amazon Resource Name (ARN) of the certificate to be deleted
*/
public static void deleteCertificate( String certArn) {
AcmClient acmClient = AcmClient.create();
DeleteCertificateRequest request = DeleteCertificateRequest.builder()
.certificateArn(certArn)
.build();
try {
acmClient.deleteCertificate(request);
System.out.println("The certificate was deleted");
} catch (AcmException e) {
System.out.println(e.getMessage());
}
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [DeleteCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/DeleteCertificate)。
### `DescribeCertificate`
以下程式碼範例顯示如何使用 `DescribeCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class DescribeCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
describeCertificate(certArn);
}
/**
* Describes the details of an SSL/TLS certificate.
*
* @param certArn the Amazon Resource Name (ARN) of the certificate to describe
* @throws AcmException if an error occurs while describing the certificate
*/
public static void describeCertificate(String certArn) {
AcmClient acmClient = AcmClient.create();
DescribeCertificateRequest req = DescribeCertificateRequest.builder()
.certificateArn(certArn)
.build();
try {
DescribeCertificateResponse response = acmClient.describeCertificate(req);
// Print the certificate details.
System.out.println("Certificate ARN: " + response.certificate().certificateArn());
System.out.println("Domain Name: " + response.certificate().domainName());
System.out.println("Issued By: " + response.certificate().issuer());
System.out.println("Issued On: " + response.certificate().issuedAt());
System.out.println("Status: " + response.certificate().status());
} catch (AcmException e) {
System.out.println(e.getMessage());
}
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [DescribeCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/DescribeCertificate)。
### `ExportCertificate`
以下程式碼範例顯示如何使用 `ExportCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ExportCertificate {
public static void main(String[] args) throws Exception {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
exportCert(certArn);
}
/**
* Exports an SSL/TLS certificate and its associated private key and certificate chain from AWS Certificate Manager (ACM).
*
* @param certArn The Amazon Resource Name (ARN) of the certificate that you want to export.
* @throws IOException If an I/O error occurs while reading the private key passphrase file or exporting the certificate.
*/
public static void exportCert(String certArn) throws IOException {
AcmClient acmClient = AcmClient.create();
// Initialize a file descriptor for the passphrase file.
RandomAccessFile filePassphrase = null;
ByteBuffer bufPassphrase = null;
// Create a file stream for reading the private key passphrase.
try {
filePassphrase = new RandomAccessFile("C:\\AWS\\password.txt", "r");
} catch (IllegalArgumentException | SecurityException | FileNotFoundException ex) {
throw ex;
}
// Create a channel to map the file.
FileChannel channelPassphrase = filePassphrase.getChannel();
// Map the file to the buffer.
try {
bufPassphrase = channelPassphrase.map(FileChannel.MapMode.READ_ONLY, 0, channelPassphrase.size());
channelPassphrase.close();
filePassphrase.close();
} catch (IOException ex) {
throw ex;
}
// Create a request object.
ExportCertificateRequest req = ExportCertificateRequest.builder()
.certificateArn(certArn)
.passphrase(SdkBytes.fromByteBuffer(bufPassphrase))
.build();
// Export the certificate.
ExportCertificateResponse result = null;
try {
result = acmClient.exportCertificate(req);
} catch (InvalidArnException | InvalidTagException | ResourceNotFoundException ex) {
throw ex;
}
// Clear the buffer.
bufPassphrase.clear();
// Display the certificate and certificate chain.
String certificate = result.certificate();
System.out.println(certificate);
String certificateChain = result.certificateChain();
System.out.println(certificateChain);
// This example retrieves but does not display the private key.
String privateKey = result.privateKey();
System.out.println("The example is complete");
}
}
```
+ 如需 API 詳細資訊,請參閱《*AWS SDK for Java 2.x API 參考*》中的 [ExportCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ExportCertificate)。
### `ImportCertificate`
以下程式碼範例顯示如何使用 `ImportCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ImportCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
bucketName - The name of the S3 bucket containing the certificate and private key.
certificateKey - The object key for the SSL/TLS certificate file in S3.
privateKeyKey - The object key for the private key file in S3.
""";
if (args.length != 3) {
System.out.println(usage);
return;
}
String bucketName = args[0];
String certificateKey = args[1];
String privateKeyKey = args[2];
String certificateArn = importCertificate(bucketName, certificateKey, privateKeyKey);
System.out.println("Certificate imported with ARN: " + certificateArn);
}
/**
* Imports an SSL/TLS certificate and private key from S3 into AWS Certificate Manager (ACM).
*
* @param bucketName The name of the S3 bucket.
* @param certificateKey The key for the SSL/TLS certificate file in S3.
* @param privateKeyKey The key for the private key file in S3.
* @return The ARN of the imported certificate.
*/
public static String importCertificate(String bucketName, String certificateKey, String privateKeyKey) {
AcmClient acmClient = AcmClient.create();
S3Client s3Client = S3Client.create();
try {
byte[] certificateBytes = downloadFileFromS3(s3Client, bucketName, certificateKey);
byte[] privateKeyBytes = downloadFileFromS3(s3Client, bucketName, privateKeyKey);
ImportCertificateRequest request = ImportCertificateRequest.builder()
.certificate(SdkBytes.fromByteBuffer(ByteBuffer.wrap(certificateBytes)))
.privateKey(SdkBytes.fromByteBuffer(ByteBuffer.wrap(privateKeyBytes)))
.build();
ImportCertificateResponse response = acmClient.importCertificate(request);
return response.certificateArn();
} catch (IOException e) {
System.err.println("Error downloading certificate or private key from S3: " + e.getMessage());
} catch (S3Exception e) {
System.err.println("S3 error: " + e.awsErrorDetails().errorMessage());
}
return "";
}
/**
* Downloads a file from Amazon S3 and returns its contents as a byte array.
*
* @param s3Client The S3 client.
* @param bucketName The name of the S3 bucket.
* @param objectKey The key of the object in S3.
* @return The file contents as a byte array.
* @throws IOException If an I/O error occurs.
*/
private static byte[] downloadFileFromS3(S3Client s3Client, String bucketName, String objectKey) throws IOException {
GetObjectRequest getObjectRequest = GetObjectRequest.builder()
.bucket(bucketName)
.key(objectKey)
.build();
try (ResponseInputStream s3Object = s3Client.getObject(getObjectRequest);
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream()) {
IoUtils.copy(s3Object, byteArrayOutputStream);
return byteArrayOutputStream.toByteArray();
}
}
}
```
+ 如需 API 詳細資訊,請參閱《*AWS SDK for Java 2.x API 參考*》中的 [ImportCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ImportCertificate)。
### `ListCertificates`
以下程式碼範例顯示如何使用 `ListCertificates`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ListCerts {
public static void main(String[] args) {
listCertificates();
}
/**
* Lists all the certificates managed by AWS Certificate Manager (ACM) that have a status of "ISSUED".
*/
public static void listCertificates() {
AcmClient acmClient = AcmClient.create();
try {
ListCertificatesRequest listRequest = ListCertificatesRequest.builder()
.certificateStatuses(CertificateStatus.ISSUED)
.maxItems(100)
.build();
ListCertificatesIterable listResponse = acmClient.listCertificatesPaginator(listRequest);
// Print the certificate details using streams
listResponse.certificateSummaryList().stream()
.forEach(certificate -> {
System.out.println("Certificate ARN: " + certificate.certificateArn());
System.out.println("Certificate Domain Name: " + certificate.domainName());
System.out.println("Certificate Status: " + certificate.statusAsString());
System.out.println("---");
});
} catch (AcmException e) {
System.err.println(e.getMessage());
}
}
}
```
+ 如需 API 詳細資訊,請參閱《*AWS SDK for Java 2.x API 參考*》中的 [ListCertificates](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ListCertificates)。
### `ListTagsForCertificate`
以下程式碼範例顯示如何使用 `ListTagsForCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class ListCertTags {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
listCertTags(certArn);
}
/**
* Lists the tags associated with an AWS Certificate Manager (ACM) certificate.
*
* @param certArn the Amazon Resource Name (ARN) of the ACM certificate
*/
public static void listCertTags(String certArn) {
AcmClient acmClient = AcmClient.create();
ListTagsForCertificateRequest request = ListTagsForCertificateRequest.builder()
.certificateArn(certArn)
.build();
ListTagsForCertificateResponse response = acmClient.listTagsForCertificate(request);
List tagList = response.tags();
tagList.forEach(tag -> {
System.out.println("Key: " + tag.key());
System.out.println("Value: " + tag.value());
});
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [ListTagsForCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/ListTagsForCertificate)。
### `RemoveTagsFromCertificate`
以下程式碼範例顯示如何使用 `RemoveTagsFromCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class RemoveTagsFromCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
removeTags(certArn);
}
/**
* Removes tags from an AWS Certificate Manager (ACM) certificate.
*
* @param certArn the Amazon Resource Name (ARN) of the certificate from which to remove tags
*/
public static void removeTags(String certArn) {
AcmClient acmClient = AcmClient.create();
List expectedTags = List.of(Tag.builder().key("key").value("value").build());
RemoveTagsFromCertificateRequest req = RemoveTagsFromCertificateRequest.builder()
.certificateArn(certArn)
.tags(expectedTags)
.build();
try {
acmClient.removeTagsFromCertificate(req);
System.out.println("Successfully removed tags from the certificate");
} catch (AcmException e) {
System.err.println(e.getMessage());
}
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [RemoveTagsFromCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/RemoveTagsFromCertificate)。
### `RenewCertificate`
以下程式碼範例顯示如何使用 `RenewCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class RenewCert {
public static void main(String[] args) {
final String usage = """
Usage:
Where:
certArn - the ARN of the certificate.
""";
if (args.length != 1) {
System.out.println(usage);
return;
}
String certArn = args[0];
renewCertificate(certArn);
}
/**
* Renews an existing SSL/TLS certificate in AWS Certificate Manager (ACM).
*
* @param certArn The Amazon Resource Name (ARN) of the certificate to be renewed.
* @throws AcmException If there is an error renewing the certificate.
*/
public static void renewCertificate(String certArn) {
AcmClient acmClient = AcmClient.create();
RenewCertificateRequest certificateRequest = RenewCertificateRequest.builder()
.certificateArn(certArn)
.build();
try {
acmClient.renewCertificate(certificateRequest);
System.out.println("The certificate was renewed");
} catch(AcmException e){
System.out.println(e.getMessage());
}
}
}
```
+ 如需 API 詳細資訊,請參閱《AWS SDK for Java 2.x API 參考》**中的 [RenewCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/RenewCertificate)。
### `RequestCertificate`
以下程式碼範例顯示如何使用 `RequestCertificate`。
**SDK for Java 2.x**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/acm#code-examples)中設定和執行。
```
/**
* Before running this Java V2 code example, set up your development
* environment, including your credentials.
*
* For more information, see the following documentation topic:
*
* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html
*/
public class RequestCert {
public static void main(String[] args) {
requestCertificate();
}
/**
* Requests a certificate from the AWS Certificate Manager (ACM) service.
*/
public static void requestCertificate() {
AcmClient acmClient = AcmClient.create();
ArrayList san = new ArrayList<>();
san.add("www.example.com");
RequestCertificateRequest req = RequestCertificateRequest.builder()
.domainName("example.com")
.idempotencyToken("1Aq25pTy")
.subjectAlternativeNames(san)
.build();
try {
RequestCertificateResponse response = acmClient.requestCertificate(req);
System.out.println("Cert ARN IS " + response.certificateArn());
} catch (AcmException e) {
System.err.println(e.getMessage());
}
}
}
```
+ 如需 API 詳細資訊,請參閱《*AWS SDK for Java 2.x API 參考*》中的 [RequestCertificate](https://docs.aws.amazon.com/goto/SdkForJavaV2/acm-2015-12-08/RequestCertificate)。