检索证书和证书链 - AWS Certificate Manager
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

检索证书和证书链

以下示例演示如何使用 GetCertificate 函数。

package com.amazonaws.samples; import com.amazonaws.regions.Regions; import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder; import com.amazonaws.services.certificatemanager.AWSCertificateManager; import com.amazonaws.services.certificatemanager.model.GetCertificateRequest; import com.amazonaws.services.certificatemanager.model.GetCertificateResult; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.auth.AWSStaticCredentialsProvider; import com.amazonaws.auth.AWSCredentials; import com.amazonaws.services.certificatemanager.model.InvalidArnException; import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException; import com.amazonaws.services.certificatemanager.model.RequestInProgressException; import com.amazonaws.AmazonClientException; /** * This sample demonstrates how to use the GetCertificate function in the AWS Certificate * Manager service. * * Input parameter: * CertificateArn - The ARN of the certificate to retrieve. * * Output parameters: * Certificate - A base64-encoded certificate in PEM format. * CertificateChain - The base64-encoded certificate chain in PEM format. * */ public class AWSCertificateManagerExample { public static void main(String[] args) throws Exception{ // Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows // or the ~/.aws/credentials file in Linux. AWSCredentials credentials = null; try { credentials = new ProfileCredentialsProvider().getCredentials(); } catch (Exception ex) { throw new AmazonClientException("Cannot load the credentials from the credential profiles file.", ex); } // Create a client. AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard() .withRegion(Regions.US_EAST_1) .withCredentials(new AWSStaticCredentialsProvider(credentials)) .build(); // Create a request object and set the ARN of the certificate to be described. GetCertificateRequest req = new GetCertificateRequest(); req.setCertificateArn("arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012"); // Retrieve the certificate and certificate chain. // If you recently requested the certificate, loop until it has been created. GetCertificateResult result = null; long totalTimeout = 120000l; long timeSlept = 0l; long sleepInterval = 10000l; while (result == null && timeSlept < totalTimeout) { try { result = client.getCertificate(req); } catch (RequestInProgressException ex) { Thread.sleep(sleepInterval); } catch (ResourceNotFoundException ex) { throw ex; } catch (InvalidArnException ex) { throw ex; } timeSlept += sleepInterval; } // Display the certificate information. System.out.println(result); } }

前面的示例将创建类似于以下内容的输出。

{Certificate: -----BEGIN CERTIFICATE----- base64-encoded certificate -----END CERTIFICATE-----, CertificateChain: -----BEGIN CERTIFICATE----- base64-encoded certificate chain -----END CERTIFICATE----- }