Menu
AWS IoT
Developer Guide

DescribeCertificate

Gets information about the specified certificate.

Request syntax:

GET /certificates/certificateId

URI Request Parameters:

Name

Type

Req?

Description

certificateId

CertificateId

yes

The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)

Response syntax:

Content-type: application/json { "certificateDescription": { "certificateArn": "string", "certificateId": "string", "caCertificateId": "string", "status": "string", "certificatePem": "string", "ownedBy": "string", "previousOwnedBy": "string", "creationDate": "timestamp", "lastModifiedDate": "timestamp", "transferData": { "transferMessage": "string", "rejectReason": "string", "transferDate": "timestamp", "acceptDate": "timestamp", "rejectDate": "timestamp" } } }

Response Body Parameters:

Name

Type

Req?

Description

certificateDescription

CertificateDescription

no

The description of the certificate.

Errors:

InvalidRequestException

The contents of the request were invalid. For example, this code is returned when an UpdateJobExecution request contains invalid status details. The message contains details about the error.

HTTP response code: 400

ThrottlingException

The rate exceeds the limit.

HTTP response code: 429

UnauthorizedException

You are not authorized to perform this operation.

HTTP response code: 401

ServiceUnavailableException

The service is temporarily unavailable.

HTTP response code: 503

InternalFailureException

An unexpected error has occurred.

HTTP response code: 500

ResourceNotFoundException

The specified resource does not exist.

HTTP response code: 404

CLI

Synopsis:

aws iot describe-certificate \ --certificate-id <value> \ [--cli-input-json <value>] \ [--generate-cli-skeleton]

cli-input-json format:

{ "certificateId": "string" }

cli-input-json fields:

Name

Type

Description

certificateId

string

length max:64 min:64

pattern: (0x)?[a-fA-F0-9]+

The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)

Output:

{ "certificateDescription": { "certificateArn": "string", "certificateId": "string", "caCertificateId": "string", "status": "string", "certificatePem": "string", "ownedBy": "string", "previousOwnedBy": "string", "creationDate": "timestamp", "lastModifiedDate": "timestamp", "transferData": { "transferMessage": "string", "rejectReason": "string", "transferDate": "timestamp", "acceptDate": "timestamp", "rejectDate": "timestamp" } } }

cli output fields:

Name

Type

Description

certificateDescription

CertificateDescription

The description of the certificate.

certificateArn

string

The ARN of the certificate.

certificateId

string

length max:64 min:64

pattern: (0x)?[a-fA-F0-9]+

The ID of the certificate.

caCertificateId

string

length max:64 min:64

pattern: (0x)?[a-fA-F0-9]+

The certificate ID of the CA certificate used to sign this certificate.

status

string

enum: ACTIVE | INACTIVE | REVOKED | PENDING_TRANSFER | REGISTER_INACTIVE | PENDING_ACTIVATION

java class: iot.identity.service.CertificateStatus

The status of the certificate.

certificatePem

string

length max:65536 min:1

The certificate data, in PEM format.

ownedBy

string

pattern: [0-9]{12}

The ID of the AWS account that owns the certificate.

previousOwnedBy

string

pattern: [0-9]{12}

The ID of the AWS account of the previous owner of the certificate.

creationDate

timestamp

The date and time the certificate was created.

lastModifiedDate

timestamp

The date and time the certificate was last modified.

transferData

TransferData

The transfer data.

transferMessage

string

length max:128

The transfer message.

rejectReason

string

length max:128

The reason why the transfer was rejected.

transferDate

timestamp

The date the transfer took place.

acceptDate

timestamp

The date the transfer was accepted.

rejectDate

timestamp

The date the transfer was rejected.

On this page: