Die vorliegende Übersetzung wurde maschinell erstellt. Im Falle eines Konflikts oder eines Widerspruchs zwischen dieser übersetzten Fassung und der englischen Fassung (einschließlich infolge von Verzögerungen bei der Übersetzung) ist die englische Fassung maßgeblich.
# Verwendung AWS Certificate Manager mit dem SDK for Java
Sie können die AWS Certificate Manager API verwenden, um programmgesteuert mit dem Dienst zu interagieren, indem Sie HTTP-Anfragen senden. Weitere Informationen finden Sie in der [AWS Certificate Manager -API-Referenz](https://docs.aws.amazon.com/acm/latest/APIReference/).
Zusätzlich zur Web-API (oder HTTP-API) können Sie die Befehlszeilentools AWS SDKs und die Befehlszeilentools verwenden, um mit ACM und anderen Diensten zu interagieren. Weitere Informationen finden Sie unter [Tools für Amazon Web Services](https://aws.amazon.com/tools/).
In den folgenden Themen erfahren Sie, wie Sie mit einem der AWS SDKs, die [AWS SDK für Java](https://aws.amazon.com/sdk-for-java/), einige der verfügbaren Operationen in der AWS Certificate Manager API ausführen können.
**Topics**
+ [Hinzufügen von Tags zu einem Zertifikat](sdk-addtag.md)
+ [Löschen eines Zertifikats](sdk-delete.md)
+ [Beschreiben eines Zertifikats](sdk-describe.md)
+ [Exportieren eines Zertifikats](sdk-export.md)
+ [Ein Zertifikat und eine Zertifikatkette abrufen](sdk-get.md)
+ [Importieren eines Zertifikats](sdk-import.md)
+ [Auflisten von Zertifikaten](sdk-list.md)
+ [Erneuern eines Zertifikats](sdk-renew.md)
+ [Auflisten von Zertifikat-Tags](sdk-listtag.md)
+ [Entfernen von Tags aus einem Zertifikat](sdk-tagremove.md)
+ [Anfordern eines Zertifikats](sdk-request.md)
+ [Erneutes Senden einer Validierungs-E-Mail](sdk-validate.md)
# Hinzufügen von Tags zu einem Zertifikat
Das folgende Beispiel zeigt, wie die Funktion [AddTagsToCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_AddTagsToCertificate.html) verwendet werden kann.
```
package com.amazonaws.samples;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.model.ImportCertificateRequest;
import com.amazonaws.services.certificatemanager.model.ImportCertificateResult;
/**
* This sample demonstrates how to use the ImportCertificate function in the AWS Certificate Manager
* service.
*
* Input parameters:
* Accesskey - AWS access key
* SecretKey - AWS secret key
* CertificateArn - Use to reimport a certificate (not included in this example).
* region - AWS region
* Certificate - PEM file that contains the certificate to import. Ex: /data/certs/servercert.pem
* CertificateChain - The certificate chain, not including the end-entity certificate.
* PrivateKey - The private key that matches the public key in the certificate.
*
* Output parameter:
* CertificcateArn - The ARN of the imported certificate.
*
*/
public class AWSCertificateManagerSample {
public static void main(String[] args) throws IOException {
String accessKey = "";
String secretKey = "";
String certificateArn = null;
Regions region = Regions.DEFAULT_REGION;
String serverCertFilePath = "";
String privateKeyFilePath = "";
String caCertFilePath = "";
ImportCertificateRequest req = new ImportCertificateRequest()
.withCertificate(getCertContent(serverCertFilePath))
.withPrivateKey(getCertContent(privateKeyFilePath))
.withCertificateChain(getCertContent(caCertFilePath)).withCertificateArn(certificateArn);
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard().withRegion(region)
.withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey)))
.build();
ImportCertificateResult result = client.importCertificate(req);
System.out.println(result.getCertificateArn());
List expectedTags = ImmutableList.of(Tag.builder().withKey("key").withValue("value").build());
AddTagsToCertificateRequest addTagsToCertificateRequest = AddTagsToCertificateRequest.builder()
.withCertificateArn(result.getCertificateArn())
.withTags(tags)
.build();
client.addTagsToCertificate(addTagsToCertificateRequest);
}
private static ByteBuffer getCertContent(String filePath) throws IOException {
String fileContent = new String(Files.readAllBytes(Paths.get(filePath)));
return StandardCharsets.UTF_8.encode(fileContent);
}
}
```
# Löschen eines Zertifikats
Das folgende Beispiel zeigt, wie die Funktion [DeleteCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_DeleteCertificate.html) verwendet werden kann. Im Erfolgsfall gibt die Funktion einen leeren Satz `{}` zurück.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.DeleteCertificateRequest;
import com.amazonaws.services.certificatemanager.model.DeleteCertificateResult;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.ResourceInUseException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.AmazonClientException;
/**
* This sample demonstrates how to use the DeleteCertificate function in the AWS Certificate
* Manager service.
*
* Input parameter:
* CertificateArn - The ARN of the certificate to delete.
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception{
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load the credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Create a request object and specify the ARN of the certificate to delete.
DeleteCertificateRequest req = new DeleteCertificateRequest();
req.setCertificateArn("arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012");
// Delete the specified certificate.
DeleteCertificateResult result = null;
try {
result = client.deleteCertificate(req);
}
catch (InvalidArnException ex)
{
throw ex;
}
catch (ResourceInUseException ex)
{
throw ex;
}
catch (ResourceNotFoundException ex)
{
throw ex;
}
// Display the result.
System.out.println(result);
}
}
```
# Beschreiben eines Zertifikats
Das folgende Beispiel zeigt, wie die Funktion [DescribeCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_DescribeCertificate.html) verwendet werden kann.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.DescribeCertificateRequest;
import com.amazonaws.services.certificatemanager.model.DescribeCertificateResult;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.AmazonClientException;
/**
* This sample demonstrates how to use the DescribeCertificate function in the AWS Certificate
* Manager service.
*
* Input parameter:
* CertificateArn - The ARN of the certificate to be described.
*
* Output parameter:
* Certificate information
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception{
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load the credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Create a request object and set the ARN of the certificate to be described.
DescribeCertificateRequest req = new DescribeCertificateRequest();
req.setCertificateArn("arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012");
DescribeCertificateResult result = null;
try{
result = client.describeCertificate(req);
}
catch (InvalidArnException ex)
{
throw ex;
}
catch (ResourceNotFoundException ex)
{
throw ex;
}
// Display the certificate information.
System.out.println(result);
}
}
```
Im Erfolgsfall werden für das vorherige Beispiel Informationen der folgenden Art angezeigt.
```
{
Certificate: {
CertificateArn: arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012,
DomainName: www.example.com,
SubjectAlternativeNames: [www.example.com],
DomainValidationOptions: [{
DomainName: www.example.com,
}],
Serial: 10: 0a,
Subject: C=US,
ST=WA,
L=Seattle,
O=ExampleCompany,
OU=sales,
CN=www.example.com,
Issuer: ExampleCompany,
ImportedAt: FriOct0608: 17: 39PDT2017,
Status: ISSUED,
NotBefore: ThuOct0510: 14: 32PDT2017,
NotAfter: SunOct0310: 14: 32PDT2027,
KeyAlgorithm: RSA-2048,
SignatureAlgorithm: SHA256WITHRSA,
InUseBy: [],
Type: IMPORTED,
}
}
```
# Exportieren eines Zertifikats
Das folgende Beispiel zeigt, wie die Funktion [ExportCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExportCertificate.html) verwendet werden kann. Die Funktion exportiert ein privates Zertifikat, das von einer privaten Zertifizierungsstelle (Certificate Authority, CA) im PKCS \$18-Format ausgegeben wurde. (Es ist nicht möglich, öffentliche Zertifikate zu exportieren, unabhängig davon, ob sie von ACM ausgestellt oder importiert wurden.) Darüber hinaus exportiert sie die Zertifikatskette und den privaten Schlüssel. In diesem Beispiel wird die Passphrase für den Schlüssel in einer lokalen Datei gespeichert.
```
package com.amazonaws.samples;
import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.ExportCertificateRequest;
import com.amazonaws.services.certificatemanager.model.ExportCertificateResult;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.InvalidTagException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
public class ExportCertificate {
public static void main(String[] args) throws Exception {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load your credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.your_region)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Initialize a file descriptor for the passphrase file.
RandomAccessFile file_passphrase = null;
// Initialize a buffer for the passphrase.
ByteBuffer buf_passphrase = null;
// Create a file stream for reading the private key passphrase.
try {
file_passphrase = new RandomAccessFile("C:\\Temp\\password.txt", "r");
}
catch (IllegalArgumentException ex) {
throw ex;
}
catch (SecurityException ex) {
throw ex;
}
catch (FileNotFoundException ex) {
throw ex;
}
// Create a channel to map the file.
FileChannel channel_passphrase = file_passphrase.getChannel();
// Map the file to the buffer.
try {
buf_passphrase = channel_passphrase.map(FileChannel.MapMode.READ_ONLY, 0, channel_passphrase.size());
// Clean up after the file is mapped.
channel_passphrase.close();
file_passphrase.close();
}
catch (IOException ex)
{
throw ex;
}
// Create a request object.
ExportCertificateRequest req = new ExportCertificateRequest();
// Set the certificate ARN.
req.withCertificateArn("arn:aws:acm:region:account:"
+"certificate/M12345678-1234-1234-1234-123456789012");
// Set the passphrase.
req.withPassphrase(buf_passphrase);
// Export the certificate.
ExportCertificateResult result = null;
try {
result = client.exportCertificate(req);
}
catch(InvalidArnException ex)
{
throw ex;
}
catch (InvalidTagException ex)
{
throw ex;
}
catch (ResourceNotFoundException ex)
{
throw ex;
}
// Clear the buffer.
buf_passphrase.clear();
// Display the certificate and certificate chain.
String certificate = result.getCertificate();
System.out.println(certificate);
String certificate_chain = result.getCertificateChain();
System.out.println(certificate_chain);
// This example retrieves but does not display the private key.
String private_key = result.getPrivateKey();
}
}
```
# Ein Zertifikat und eine Zertifikatkette abrufen
Das folgende Beispiel zeigt, wie die Funktion [GetCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_GetCertificate.html) verwendet werden kann.
```
package com.amazonaws.samples;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.GetCertificateRequest;
import com.amazonaws.services.certificatemanager.model.GetCertificateResult;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.services.certificatemanager.model.RequestInProgressException;
import com.amazonaws.AmazonClientException;
/**
* This sample demonstrates how to use the GetCertificate function in the AWS Certificate
* Manager service.
*
* Input parameter:
* CertificateArn - The ARN of the certificate to retrieve.
*
* Output parameters:
* Certificate - A base64-encoded certificate in PEM format.
* CertificateChain - The base64-encoded certificate chain in PEM format.
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception{
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load the credentials from the credential profiles file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Create a request object and set the ARN of the certificate to be described.
GetCertificateRequest req = new GetCertificateRequest();
req.setCertificateArn("arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012");
// Retrieve the certificate and certificate chain.
// If you recently requested the certificate, loop until it has been created.
GetCertificateResult result = null;
long totalTimeout = 120000l;
long timeSlept = 0l;
long sleepInterval = 10000l;
while (result == null && timeSlept < totalTimeout) {
try {
result = client.getCertificate(req);
}
catch (RequestInProgressException ex) {
Thread.sleep(sleepInterval);
}
catch (ResourceNotFoundException ex)
{
throw ex;
}
catch (InvalidArnException ex)
{
throw ex;
}
timeSlept += sleepInterval;
}
// Display the certificate information.
System.out.println(result);
}
}
```
Das vorherige Beispiel erstellt eine Ausgabe der folgenden Art.
```
{Certificate: -----BEGIN CERTIFICATE-----
base64-encoded certificate
-----END CERTIFICATE-----,
CertificateChain: -----BEGIN CERTIFICATE-----
base64-encoded certificate chain
-----END CERTIFICATE-----
}
```
# Importieren eines Zertifikats
Das folgende Beispiel zeigt, wie die Funktion [ImportCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_ImportCertificate.html) verwendet werden kann.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.model.ImportCertificateRequest;
import com.amazonaws.services.certificatemanager.model.ImportCertificateResult;
import com.amazonaws.services.certificatemanager.model.LimitExceededException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.AmazonClientException;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
/**
* This sample demonstrates how to use the ImportCertificate function in the AWS Certificate Manager
* service.
*
* Input parameters:
* Certificate - PEM file that contains the certificate to import.
* CertificateArn - Use to reimport a certificate (not included in this example).
* CertificateChain - The certificate chain, not including the end-entity certificate.
* PrivateKey - The private key that matches the public key in the certificate.
*
* Output parameter:
* CertificcateArn - The ARN of the imported certificate.
*
*/
public class AWSCertificateManagerSample {
public static void main(String[] args) throws Exception {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException(
"Cannot load the credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Initialize the file descriptors.
RandomAccessFile file_certificate = null;
RandomAccessFile file_chain = null;
RandomAccessFile file_key = null;
// Initialize the buffers.
ByteBuffer buf_certificate = null;
ByteBuffer buf_chain = null;
ByteBuffer buf_key = null;
// Create the file streams for reading.
try {
file_certificate = new RandomAccessFile("C:\\Temp\\certificate.pem", "r");
file_chain = new RandomAccessFile("C:\\Temp\\chain.pem", "r");
file_key = new RandomAccessFile("C:\\Temp\\private_key.pem", "r");
}
catch (IllegalArgumentException ex) {
throw ex;
}
catch (SecurityException ex) {
throw ex;
}
catch (FileNotFoundException ex) {
throw ex;
}
// Create channels for mapping the files.
FileChannel channel_certificate = file_certificate.getChannel();
FileChannel channel_chain = file_chain.getChannel();
FileChannel channel_key = file_key.getChannel();
// Map the files to buffers.
try {
buf_certificate = channel_certificate.map(FileChannel.MapMode.READ_ONLY, 0, channel_certificate.size());
buf_chain = channel_chain.map(FileChannel.MapMode.READ_ONLY, 0, channel_chain.size());
buf_key = channel_key.map(FileChannel.MapMode.READ_ONLY, 0, channel_key.size());
// The files have been mapped, so clean up.
channel_certificate.close();
channel_chain.close();
channel_key.close();
file_certificate.close();
file_chain.close();
file_key.close();
}
catch (IOException ex)
{
throw ex;
}
// Create a request object and set the parameters.
ImportCertificateRequest req = new ImportCertificateRequest();
req.setCertificate(buf_certificate);
req.setCertificateChain(buf_chain);
req.setPrivateKey(buf_key);
// Import the certificate.
ImportCertificateResult result = null;
try {
result = client.importCertificate(req);
}
catch(LimitExceededException ex)
{
throw ex;
}
catch (ResourceNotFoundException ex)
{
throw ex;
}
// Clear the buffers.
buf_certificate.clear();
buf_chain.clear();
buf_key.clear();
// Retrieve and display the certificate ARN.
String arn = result.getCertificateArn();
System.out.println(arn);
}
}
```
# Auflisten von Zertifikaten
Das folgende Beispiel zeigt, wie die Funktion [ListCertificates](https://docs.aws.amazon.com/acm/latest/APIReference/API_ListCertificates.html) verwendet werden kann.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.ListCertificatesRequest;
import com.amazonaws.services.certificatemanager.model.ListCertificatesResult;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.AmazonClientException;
import java.util.Arrays;
import java.util.List;
/**
* This sample demonstrates how to use the ListCertificates function in the AWS Certificate
* Manager service.
*
* Input parameters:
* CertificateStatuses - An array of strings that contains the statuses to use for filtering.
* MaxItems - The maximum number of certificates to return in the response.
* NextToken - Use when paginating results.
*
* Output parameters:
* CertificateSummaryList - A list of certificates.
* NextToken - Use to show additional results when paginating a truncated list.
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception{
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load the credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Create a request object and set the parameters.
ListCertificatesRequest req = new ListCertificatesRequest();
List Statuses = Arrays.asList("ISSUED", "EXPIRED", "PENDING_VALIDATION", "FAILED");
req.setCertificateStatuses(Statuses);
req.setMaxItems(10);
// Retrieve the list of certificates.
ListCertificatesResult result = null;
try {
result = client.listCertificates(req);
}
catch (Exception ex)
{
throw ex;
}
// Display the certificate list.
System.out.println(result);
}
}
```
Das vorherige Beispiel erstellt eine Ausgabe der folgenden Art.
```
{
CertificateSummaryList: [{
CertificateArn: arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012,
DomainName: www.example1.com
},
{
CertificateArn: arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012,
DomainName: www.example2.com
},
{
CertificateArn: arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012,
DomainName: www.example3.com
}]
}
```
# Erneuern eines Zertifikats
Das folgende Beispiel zeigt, wie die Funktion [RenewCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_RenewCertificate.html) verwendet werden kann. Die Funktion erneuert ein privates Zertifikat, das von einer privaten Zertifizierungsstelle (CA) ausgestellt und mit der [ExportCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExportCertificate.html)Funktion exportiert wurde. Derzeit können nur exportierte private Zertifikate mit dieser Funktion erneuert werden. Um Ihre AWS Private CA Zertifikate bei ACM zu erneuern, müssen Sie zunächst dem ACM-Dienstprinzipal die entsprechenden Berechtigungen erteilen. Weitere Informationen finden Sie unter [Assigning Certificate Renewal Permissions to ACM](https://docs.aws.amazon.com/privateca/latest/userguide/assign-permissions.html#PcaPermissions).
```
package com.amazonaws.samples;
import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.RenewCertificateRequest;
import com.amazonaws.services.certificatemanager.model.RenewCertificateResult;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.services.certificatemanager.model.ValidationException;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
public class RenewCertificate {
public static void main(String[] args) throws Exception {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load your credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.your_region)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Create a request object and specify the ARN of the certificate to renew.
RenewCertificateRequest req = new RenewCertificateRequest();
req.withCertificateArn("arn:aws:acm:region:account:"
+"certificate/M12345678-1234-1234-1234-123456789012");
// Renew the certificate.
RenewCertificateResult result = null;
try {
result = client.renewCertificate(req);
}
catch(InvalidArnException ex)
{
throw ex;
}
catch (ResourceNotFoundException ex)
{
throw ex;
}
catch (ValidationException ex)
{
throw ex;
}
// Display the result.
System.out.println(result);
}
}
```
# Auflisten von Zertifikat-Tags
Das folgende Beispiel zeigt, wie die Funktion [ListTagsForCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_ListTagsForCertificate.html) verwendet werden kann.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.ListTagsForCertificateRequest;
import com.amazonaws.services.certificatemanager.model.ListTagsForCertificateResult;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.regions.Regions;
/**
* This sample demonstrates how to use the ListTagsForCertificate function in the AWS Certificate
* Manager service.
*
* Input parameter:
* CertificateArn - The ARN of the certificate whose tags you want to list.
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception{
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load your credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Create a request object and specify the ARN of the certificate.
ListTagsForCertificateRequest req = new ListTagsForCertificateRequest();
req.setCertificateArn("arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012");
// Create a result object.
ListTagsForCertificateResult result = null;
try {
result = client.listTagsForCertificate(req);
}
catch(InvalidArnException ex) {
throw ex;
}
catch(ResourceNotFoundException ex) {
throw ex;
}
// Display the result.
System.out.println(result);
}
}
```
Das vorherige Beispiel erstellt eine Ausgabe der folgenden Art.
```
{Tags: [{Key: Purpose,Value: Test}, {Key: Short_Name,Value: My_Cert}]}
```
# Entfernen von Tags aus einem Zertifikat
Das folgende Beispiel zeigt, wie die Funktion [RemoveTagsFromCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_RemoveTagsFromCertificate.html) verwendet werden kann.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.RemoveTagsFromCertificateRequest;
import com.amazonaws.services.certificatemanager.model.RemoveTagsFromCertificateResult;
import com.amazonaws.services.certificatemanager.model.Tag;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.InvalidTagException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import java.util.ArrayList;
/**
* This sample demonstrates how to use the RemoveTagsFromCertificate function in the AWS Certificate
* Manager service.
*
* Input parameters:
* CertificateArn - The ARN of the certificate from which you want to remove one or more tags.
* Tags - A collection of key-value pairs that specify which tags to remove.
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load your credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Specify the tags to remove.
Tag tag1 = new Tag();
tag1.setKey("Short_Name");
tag1.setValue("My_Cert");
Tag tag2 = new Tag()
.withKey("Purpose")
.withValue("Test");
// Add the tags to a collection.
ArrayList tags = new ArrayList();
tags.add(tag1);
tags.add(tag2);
// Create a request object.
RemoveTagsFromCertificateRequest req = new RemoveTagsFromCertificateRequest();
req.setCertificateArn("arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012");
req.setTags(tags);
// Create a result object.
RemoveTagsFromCertificateResult result = null;
try {
result = client.removeTagsFromCertificate(req);
}
catch(InvalidArnException ex)
{
throw ex;
}
catch(InvalidTagException ex)
{
throw ex;
}
catch(ResourceNotFoundException ex)
{
throw ex;
}
// Display the result.
System.out.println(result);
}
}
```
# Anfordern eines Zertifikats
Das folgende Beispiel zeigt, wie die Funktion [RequestCertificate](https://docs.aws.amazon.com/acm/latest/APIReference/API_RequestCertificate.html) verwendet werden kann.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.RequestCertificateRequest;
import com.amazonaws.services.certificatemanager.model.RequestCertificateResult;
import com.amazonaws.services.certificatemanager.model.InvalidDomainValidationOptionsException;
import com.amazonaws.services.certificatemanager.model.LimitExceededException;
import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import java.util.ArrayList;
/**
* This sample demonstrates how to use the RequestCertificate function in the AWS Certificate
* Manager service.
*
* Input parameters:
* DomainName - FQDN of your site.
* DomainValidationOptions - Domain name for email validation.
* IdempotencyToken - Distinguishes between calls to RequestCertificate.
* SubjectAlternativeNames - Additional FQDNs for the subject alternative names extension.
*
* Output parameter:
* Certificate ARN - The Amazon Resource Name (ARN) of the certificate you requested.
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load your credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Specify a SAN.
ArrayList san = new ArrayList();
san.add("www.example.com");
// Create a request object and set the input parameters.
RequestCertificateRequest req = new RequestCertificateRequest();
req.setDomainName("example.com");
req.setIdempotencyToken("1Aq25pTy");
req.setSubjectAlternativeNames(san);
// Create a result object and display the certificate ARN.
RequestCertificateResult result = null;
try {
result = client.requestCertificate(req);
}
catch(InvalidDomainValidationOptionsException ex)
{
throw ex;
}
catch(LimitExceededException ex)
{
throw ex;
}
// Display the ARN.
System.out.println(result);
}
}
```
Das vorherige Beispiel erstellt eine Ausgabe der folgenden Art.
```
{CertificateArn: arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012}
```
# Erneutes Senden einer Validierungs-E-Mail
Das folgende Beispiel zeigt Ihnen, wie Sie die [ResendValidationEmail](https://docs.aws.amazon.com/acm/latest/APIReference/API_ResendValidationEmail.html)Funktion verwenden.
```
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.ResendValidationEmailRequest;
import com.amazonaws.services.certificatemanager.model.ResendValidationEmailResult;
import com.amazonaws.services.certificatemanager.model.InvalidDomainValidationOptionsException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.services.certificatemanager.model.InvalidStateException;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
/**
* This sample demonstrates how to use the ResendValidationEmail function in the AWS Certificate
* Manager service.
*
* Input parameters:
* CertificateArn - Amazon Resource Name (ARN) of the certificate request.
* Domain - FQDN in the certificate request.
* ValidationDomain - The base validation domain that is used to send email.
*
*/
public class AWSCertificateManagerExample {
public static void main(String[] args) {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows
// or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load your credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
.withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
// Create a request object and set the input parameters.
ResendValidationEmailRequest req = new ResendValidationEmailRequest();
req.setCertificateArn("arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012");
req.setDomain("gregpe.io");
req.setValidationDomain("gregpe.io");
// Create a result object.
ResendValidationEmailResult result = null;
try {
result = client.resendValidationEmail(req);
}
catch(ResourceNotFoundException ex)
{
throw ex;
}
catch (InvalidStateException ex)
{
throw ex;
}
catch (InvalidArnException ex)
{
throw ex;
}
catch (InvalidDomainValidationOptionsException ex)
{
throw ex;
}
// Display the result.
System.out.println(result.toString());
}
}
```
Beim vorherigen Beispiel wird Ihre Validierungs-E-Mail erneut gesendet und eine leere Gruppe angezeigt.