Menu
AWS IoT
Developer Guide

ListCertificatesByCA

List the device certificates signed by the specified CA certificate.

Request syntax:

GET /certificates-by-ca/caCertificateId?pageSize=pageSize&marker=marker&isAscendingOrder=ascendingOrder

URI Request Parameters:

Name

Type

Req?

Description

caCertificateId

CertificateId

yes

The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate.

pageSize

PageSize

no

The result page size.

marker

Marker

no

The marker for the next set of results.

ascendingOrder

AscendingOrder

no

Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.

Response syntax:

Content-type: application/json { "certificates": [ { "certificateArn": "string", "certificateId": "string", "status": "string", "creationDate": "timestamp" } ], "nextMarker": "string" }

Response Body Parameters:

Name

Type

Req?

Description

certificates

Certificates

no

The device certificates signed by the specified CA certificate.

nextMarker

Marker

no

The marker for the next set of results, or null if there are no additional results.

Errors:

InvalidRequestException

The contents of the request were invalid. For example, this code is returned when an UpdateJobExecution request contains invalid status details. The message contains details about the error.

HTTP response code: 400

ThrottlingException

The rate exceeds the limit.

HTTP response code: 429

UnauthorizedException

You are not authorized to perform this operation.

HTTP response code: 401

ServiceUnavailableException

The service is temporarily unavailable.

HTTP response code: 503

InternalFailureException

An unexpected error has occurred.

HTTP response code: 500

CLI

Synopsis:

aws iot list-certificates-by-ca \ --ca-certificate-id <value> \ [--page-size <value>] \ [--marker <value>] \ [--ascending-order | --no-ascending-order] \ [--cli-input-json <value>] \ [--generate-cli-skeleton]

cli-input-json format:

{ "caCertificateId": "string", "pageSize": "integer", "marker": "string", "ascendingOrder": "boolean" }

cli-input-json fields:

Name

Type

Description

caCertificateId

string

length max:64 min:64

pattern: (0x)?[a-fA-F0-9]+

The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate.

pageSize

integer

java class: java.lang.Integer

range- max:250 min:1

The result page size.

marker

string

pattern: [A-Za-z0-9+/]+={0,2}

The marker for the next set of results.

ascendingOrder

boolean

Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.

Output:

{ "certificates": [ { "certificateArn": "string", "certificateId": "string", "status": "string", "creationDate": "timestamp" } ], "nextMarker": "string" }

cli output fields:

Name

Type

Description

certificates

list

member: Certificate

java class: java.util.List

The device certificates signed by the specified CA certificate.

Certificate

Certificate

certificateArn

string

The ARN of the certificate.

certificateId

string

length max:64 min:64

pattern: (0x)?[a-fA-F0-9]+

The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)

status

string

enum: ACTIVE | INACTIVE | REVOKED | PENDING_TRANSFER | REGISTER_INACTIVE | PENDING_ACTIVATION

java class: iot.identity.service.CertificateStatus

The status of the certificate.

The status value REGISTER_INACTIVE is deprecated and should not be used.

creationDate

timestamp

The date and time the certificate was created.

nextMarker

string

pattern: [A-Za-z0-9+/]+={0,2}

The marker for the next set of results, or null if there are no additional results.

On this page: