Table Of Contents

Feedback

User Guide

First time using the AWS CLI? See the User Guide for help getting started.

[ aws . acm-pca ]

update-certificate-authority

Description

Updates the status or configuration of a private certificate authority (CA). Your private CA must be in the ACTIVE or DISABLED state before you can update it. You can disable a private CA that is in the ACTIVE state or make a CA that is in the DISABLED state active again.

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.

Synopsis

  update-certificate-authority
--certificate-authority-arn <value>
[--revocation-configuration <value>]
[--status <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

Options

--certificate-authority-arn (string)

Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:

``arn:aws:acm-pca:region :account :certificate-authority/12345678-1234-1234-1234-123456789012 ``

--revocation-configuration (structure)

Revocation information for your private CA.

Shorthand Syntax:

CrlConfiguration={Enabled=boolean,ExpirationInDays=integer,CustomCname=string,S3BucketName=string}

JSON Syntax:

{
  "CrlConfiguration": {
    "Enabled": true|false,
    "ExpirationInDays": integer,
    "CustomCname": "string",
    "S3BucketName": "string"
  }
}

--status (string)

Status of your private CA.

Possible values:

  • CREATING
  • PENDING_CERTIFICATE
  • ACTIVE
  • DELETED
  • DISABLED
  • EXPIRED
  • FAILED

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.

Examples

To update the configuration of your private certificate authority

The update-certificate-authority command updates the status and configuration of your private CA:

aws acm-pca update-certificate-authority --certificate-authority-arn arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-1232456789012 --revocation-configuration file://C:\revoke_config.txt --status "DISABLED"

Output

None