Menu
AWS Certificate Manager Private Certificate Authority
AWS Private Certificate Authority Documentation (API Version 2017-08-22)

UpdateCertificateAuthority

Updates the status or configuration of a private certificate authority (CA). Your private CA must be in the ACTIVE or DISABLED state before you can update it. You can disable a private CA that is in the ACTIVE state or make a CA that is in the DISABLED state active again.

Request Syntax

{ "CertificateAuthorityArn": "string", "RevocationConfiguration": { "CrlConfiguration": { "CustomCname": "string", "Enabled": boolean, "ExpirationInDays": number, "S3BucketName": "string" } }, "Status": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

CertificateAuthorityArn

Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:

arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

Type: String

Length Constraints: Minimum length of 5. Maximum length of 200.

Pattern: arn:[\w+=/,.@-]+:[\w+=/,.@-]+:[\w+=/,.@-]*:[0-9]+:[\w+=,.@-]+(/[\w+=/,.@-]+)*

Required: Yes

RevocationConfiguration

Revocation information for your private CA.

Type: RevocationConfiguration object

Required: No

Status

Status of your private CA.

Type: String

Valid Values: CREATING | PENDING_CERTIFICATE | ACTIVE | DELETED | DISABLED | EXPIRED | FAILED

Required: No

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

ConcurrentModificationException

A previous update to your private CA is still ongoing.

HTTP Status Code: 400

InvalidArgsException

One or more of the specified arguments was not valid.

HTTP Status Code: 400

InvalidArnException

The requested Amazon Resource Name (ARN) does not refer to an existing resource.

HTTP Status Code: 400

InvalidPolicyException

The S3 bucket policy is not valid. The policy must give ACM PCA rights to read from and write to the bucket and find the bucket location.

HTTP Status Code: 400

InvalidStateException

The private CA is in a state during which a report cannot be generated.

HTTP Status Code: 400

ResourceNotFoundException

A resource such as a private CA, S3 bucket, certificate, or audit report cannot be found.

HTTP Status Code: 400

Examples

Example

Sample Request

POST / HTTP/1.1 Host: acm-pca.amazonaws.com Accept-Encoding: identity Content-Length: 323 X-Amz-Target: ACMPrivateCA.UpdateCertificateAuthority X-Amz-Date: 20180226T172929Z User-Agent: aws-cli/1.14.28 Python/2.7.9 Windows/8 botocore/1.8.32 Content-Type: application/x-amz-json-1.1 Authorization: AWS4-HMAC-SHA256 Credential=Access_Key_ID/20180226/AWS_Region/acm-pca/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=f11213b3c4da1754a811fcd72ea637b8acbe41fb7b5e3541806d0418a3323dd8 { "Status": "ACTIVE", "RevocationConfiguration": { "CrlConfiguration": { "CustomCname": "https://somename.crl", "Enabled": true, "S3BucketName": "your-bucket-name", "ExpirationInDays": 3650 } }, "CertificateAuthorityArn": "arn:aws:acm-pca:AWS_Region:AWS_Account:certificate-authority/12345678-1234-1234-1234-123456789012" }

Example

Sample Response

This function does not return a value.

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: