CreateCertificate
Creates an SSL/TLS certificate for an Amazon Lightsail content delivery network (CDN) distribution and a container service.
After the certificate is valid, use the AttachCertificateToDistribution
action to use the certificate and its domains with your distribution. Or use the
UpdateContainerService action to use the certificate and its domains with your
container service.
Important
Only certificates created in the us-east-1
AWS Region can be attached to Lightsail distributions. Lightsail
distributions are global resources that can reference an origin in any AWS
Region, and distribute its content globally. However, all distributions are located in the
us-east-1 Region.
Request Syntax
{
"certificateName": "string",
"domainName": "string",
"subjectAlternativeNames": [ "string" ],
"tags": [
{
"key": "string",
"value": "string"
}
]
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- certificateName
-
The name for the certificate.
Type: String
Required: Yes
- domainName
-
The domain name (
example.com) for the certificate.Type: String
Required: Yes
- subjectAlternativeNames
-
An array of strings that specify the alternate domains (
example2.com) and subdomains (blog.example.com) for the certificate.You can specify a maximum of nine alternate domains (in addition to the primary domain name).
Wildcard domain entries (
*.example.com) are not supported.Type: Array of strings
Required: No
-
The tag keys and optional values to add to the certificate during create.
Use the
TagResourceaction to tag a resource after it's created.Type: Array of Tag objects
Required: No
Response Syntax
{
"certificate": {
"certificateArn": "string",
"certificateDetail": {
"arn": "string",
"createdAt": number,
"domainName": "string",
"domainValidationRecords": [
{
"dnsRecordCreationState": {
"code": "string",
"message": "string"
},
"domainName": "string",
"resourceRecord": {
"name": "string",
"type": "string",
"value": "string"
},
"validationStatus": "string"
}
],
"eligibleToRenew": "string",
"inUseResourceCount": number,
"issuedAt": number,
"issuerCA": "string",
"keyAlgorithm": "string",
"name": "string",
"notAfter": number,
"notBefore": number,
"renewalSummary": {
"domainValidationRecords": [
{
"dnsRecordCreationState": {
"code": "string",
"message": "string"
},
"domainName": "string",
"resourceRecord": {
"name": "string",
"type": "string",
"value": "string"
},
"validationStatus": "string"
}
],
"renewalStatus": "string",
"renewalStatusReason": "string",
"updatedAt": number
},
"requestFailureReason": "string",
"revocationReason": "string",
"revokedAt": number,
"serialNumber": "string",
"status": "string",
"subjectAlternativeNames": [ "string" ],
"supportCode": "string",
"tags": [
{
"key": "string",
"value": "string"
}
]
},
"certificateName": "string",
"domainName": "string",
"tags": [
{
"key": "string",
"value": "string"
}
]
},
"operations": [
{
"createdAt": number,
"errorCode": "string",
"errorDetails": "string",
"id": "string",
"isTerminal": boolean,
"location": {
"availabilityZone": "string",
"regionName": "string"
},
"operationDetails": "string",
"operationType": "string",
"resourceName": "string",
"resourceType": "string",
"status": "string",
"statusChangedAt": number
}
]
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- certificate
-
An object that describes the certificate created.
Type: CertificateSummary object
- operations
-
An array of objects that describe the result of the action, such as the status of the request, the timestamp of the request, and the resources affected by the request.
Type: Array of Operation objects
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
Lightsail throws this exception when the user cannot be authenticated or uses invalid credentials to access a resource.
HTTP Status Code: 400
- InvalidInputException
-
Lightsail throws this exception when user input does not conform to the validation rules of an input field.
Note
Domain and distribution APIs are only available in the N. Virginia (
us-east-1) AWS Region. Please set your AWS Region configuration tous-east-1to create, view, or edit these resources.HTTP Status Code: 400
- NotFoundException
-
Lightsail throws this exception when it cannot find a resource.
HTTP Status Code: 400
- ServiceException
-
A general service exception.
HTTP Status Code: 500
- UnauthenticatedException
-
Lightsail throws this exception when the user has not been authenticated.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
