Get a server certificate List server certificates Update a server certificate Delete a server certificate More information

At Amazon Web Services (AWS), we’re focused on finding ways to improve our products and provide a better customer experience. To do that, we need your feedback. Please take 5 minutes of your time to share insights regarding your experience with Java Spring and your need for Spring integration with AWS.

This survey is hosted by an external company (Qualtrics), so the link above does not lead to our website. Please note that AWS will own the data gathered via this survey, and will not share the information/results collected with survey respondents. AWS handles your information as described in the AWS Privacy Notice.

Work with IAM server certificates

To enable HTTPS connections to your website or application on AWS, you need an SSL/TLS server certificate. You can use a server certificate provided by AWS Certificate Manager or one that you obtained from an external provider.

We recommend that you use ACM to provision, manage, and deploy your server certificates. With ACM you can request a certificate, deploy it to your AWS resources, and let ACM handle certificate renewals for you. Certificates provided by ACM are free. For more information about ACM , see the ACM User Guide.

Get a server certificate

You can retrieve a server certificate by calling the IamClient’s getServerCertificate method, passing it a GetServerCertificateRequest with the certificate’s name.

Imports


import software.amazon.awssdk.services.iam.model.GetServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.GetServerCertificateResponse;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;
import software.amazon.awssdk.services.iam.model.IamException;

Code


public static void getCertificate(IamClient iam,String certName ) {

    try {
        GetServerCertificateRequest request = GetServerCertificateRequest.builder()
                .serverCertificateName(certName)
                .build();

        GetServerCertificateResponse response = iam.getServerCertificate(request);
        System.out.format("Successfully retrieved certificate with body %s",
            response.serverCertificate().certificateBody());

     } catch (IamException e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
}

See the complete example on GitHub.

List server certificates

To list your server certificates, call the IamClient’s listServerCertificates method with a ListServerCertificatesRequest. It returns a ListServerCertificatesResponse.

Call the returned ListServerCertificateResponse object’s serverCertificateMetadataList method to get a list of ServerCertificateMetadata objects that you can use to get information about each certificate.

Results may be truncated; if the ListServerCertificateResponse object’s isTruncated method returns true, call the ListServerCertificatesResponse object’s marker method and use the marker to create a new request. Use the new request to call listServerCertificates again to get the next batch of results.

Imports


import software.amazon.awssdk.services.iam.model.IamException;
import software.amazon.awssdk.services.iam.model.ListServerCertificatesRequest;
import software.amazon.awssdk.services.iam.model.ListServerCertificatesResponse;
import software.amazon.awssdk.services.iam.model.ServerCertificateMetadata;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;

Code


public static void listCertificates(IamClient iam) {

    try {
        boolean done = false;
        String newMarker = null;

        while(!done) {
          ListServerCertificatesResponse response;

        if (newMarker == null) {
            ListServerCertificatesRequest request =
                    ListServerCertificatesRequest.builder().build();
            response = iam.listServerCertificates(request);
        } else {
            ListServerCertificatesRequest request =
                    ListServerCertificatesRequest.builder()
                            .marker(newMarker).build();
            response = iam.listServerCertificates(request);
        }

        for(ServerCertificateMetadata metadata :
                response.serverCertificateMetadataList()) {
            System.out.printf("Retrieved server certificate %s",
                    metadata.serverCertificateName());
        }

        if(!response.isTruncated()) {
            done = true;
        } else {
            newMarker = response.marker();
        }
    }

    } catch (IamException e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }

See the complete example on GitHub.

Update a server certificate

You can update a server certificate’s name or path by calling the IamClient’s updateServerCertificate method. It takes a UpdateServerCertificateRequest object set with the server certificate’s current name and either a new name or new path to use.

Imports


import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;
import software.amazon.awssdk.services.iam.model.IamException;
import software.amazon.awssdk.services.iam.model.UpdateServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.UpdateServerCertificateResponse;

Code


public static void updateCertificate(IamClient iam, String curName, String newName) {

    try {
        UpdateServerCertificateRequest request =
            UpdateServerCertificateRequest.builder()
                    .serverCertificateName(curName)
                    .newServerCertificateName(newName)
                    .build();

        UpdateServerCertificateResponse response =
            iam.updateServerCertificate(request);


        System.out.printf("Successfully updated server certificate to name %s",
            newName);

    } catch (IamException e) {
         System.err.println(e.awsErrorDetails().errorMessage());
         System.exit(1);
    }
 }

See the complete example on GitHub.

Delete a server certificate

To delete a server certificate, call the IamClient’s deleteServerCertificate method with a DeleteServerCertificateRequest containing the certificate’s name.

Imports


import software.amazon.awssdk.services.iam.model.DeleteServerCertificateRequest;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.iam.IamClient;
import software.amazon.awssdk.services.iam.model.IamException;

Code


public static void deleteCert(IamClient iam,String certName ) {

    try {
        DeleteServerCertificateRequest request =
            DeleteServerCertificateRequest.builder()
                    .serverCertificateName(certName)
                    .build();

        iam.deleteServerCertificate(request);
        System.out.println("Successfully deleted server certificate " +
                certName);

    } catch (IamException e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
}

See the complete example on GitHub.

More information

Working with Server Certificates in the IAM User Guide
GetServerCertificate in the IAM API Reference
ListServerCertificates in the IAM API Reference
UpdateServerCertificate in the IAM API Reference
DeleteServerCertificate in the IAM API Reference
ACM User Guide

Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Work with IAM policies

Amazon Athena