Exportation d'un certificat - AWS Certificate Manager

Les traductions sont fournies par des outils de traduction automatique. En cas de conflit entre le contenu d'une traduction et celui de la version originale en anglais, la version anglaise prévaudra.

Exportation d'un certificat

L'exemple suivant montre comment utiliser la fonction ExportCertificate. La fonction exporte un certificat privé émis par une autorité de certification (CA) privée au format PKCS #8. (Il n'est pas possible d'exporter des certificats publics, qu'ils soient émis ou importés.) Elle exporte également la chaîne de certificats et la clé privée. Dans l'exemple, la phrase secrète de la clé est stockée dans un fichier local.

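package com.amazonaws.samples;

import com.amazonaws.AmazonClientException;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.services.certificatemanager.model.ExportCertificateRequest;
import com.amazonaws.services.certificatemanager.model.ExportCertificateResult;
import com.amazonaws.services.certificatemanager.model.InvalidArnException;
import com.amazonaws.services.certificatemanager.model.InvalidTagException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.util.Arrays;

/**
 * Exports a private certificate, its certificate chain and its private key
 * from AWS Certificate Manager with the ExportCertificate API.
 *
 * <p>The passphrase that protects the exported private key is read from a
 * local file. Treat that file as a secret: keep it out of shared or
 * world-readable directories and restrict its permissions to the account
 * that runs this program.
 */
public class ExportCertificate {

    /**
     * Runs the export and prints the certificate and the certificate chain.
     *
     * @param args unused
     * @throws Exception if the credentials cannot be loaded, the passphrase
     *     file cannot be read, or the ExportCertificate call fails
     */
    public static void main(String[] args) throws Exception {

        // Retrieve your credentials from the C:\Users\name\.aws\credentials file
        // in Windows or the ~/.aws/credentials file in Linux.
        AWSCredentials credentials;
        try {
            credentials = new ProfileCredentialsProvider().getCredentials();
        } catch (Exception ex) {
            throw new AmazonClientException("Cannot load your credentials from file.", ex);
        }

        // Create a client. Regions.your_region is a placeholder: replace it
        // with the Regions constant for the Region that holds the certificate.
        AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard()
                .withRegion(Regions.your_region)
                .withCredentials(new AWSStaticCredentialsProvider(credentials))
                .build();

        // Read the passphrase into a heap array so that it can be overwritten
        // after use. A read-only mapped buffer cannot be wiped, and
        // ByteBuffer.clear() only resets position and limit; it does not erase
        // the bytes. try-with-resources closes the file even if the read fails.
        byte[] passphrase;
        try (RandomAccessFile passphraseFile =
                new RandomAccessFile("C:\\Temp\\password.txt", "r")) {
            passphrase = new byte[Math.toIntExact(passphraseFile.length())];
            passphraseFile.readFully(passphrase);
        }

        ExportCertificateResult result;
        try {
            // Create a request object.
            ExportCertificateRequest req = new ExportCertificateRequest();

            // Set the certificate ARN (sample value; replace with your own).
            req.withCertificateArn("arn:aws:acm:region:account:"
                    +"certificate/M12345678-1234-1234-1234-123456789012");

            // Set the passphrase.
            req.withPassphrase(ByteBuffer.wrap(passphrase));

            // Export the certificate. SDK exceptions (InvalidArnException,
            // ResourceNotFoundException, ...) propagate unchanged to the caller.
            result = client.exportCertificate(req);
        } finally {
            // Best-effort wipe of the local copy of the passphrase. Copies made
            // inside the SDK while building the request are not reachable here.
            Arrays.fill(passphrase, (byte) 0);
        }

        // Display the certificate and certificate chain.
        String certificate = result.getCertificate();
        System.out.println(certificate);

        String certificate_chain = result.getCertificateChain();
        System.out.println(certificate_chain);

        // This example retrieves but does not display the private key.
        // Keep it out of logs and console output; if it is written to disk,
        // restrict the file's permissions to the owning account.
        String private_key = result.getPrivateKey();
    }
}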