本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。 # DeleteCertificateAuthority 以下 Java 示例显示了如何使用该[DeleteCertificateAuthority](https://docs.amazonaws.cn/privateca/latest/APIReference/API_DeleteCertificateAuthority.html)操作。 此操作将删除您使用该[CreateCertificateAuthority](https://docs.amazonaws.cn/privateca/latest/APIReference/API_CreateCertificateAuthority.html)操作创建的私有证书颁发机构 (CA)。`DeleteCertificateAuthority` 操作要求您提供要删除的 CA 的 ARN。您可以通过调用操作来找到 ARN。[ListCertificateAuthorities](https://docs.amazonaws.cn/privateca/latest/APIReference/API_ListCertificateAuthorities.html)如果私有 CA 的状态为 `CREATING` 或 `PENDING_CERTIFICATE`,则可立即将其删除。但是,如果您已经导入此证书,则无法立即将其删除。必须先通过调用[UpdateCertificateAuthority](https://docs.amazonaws.cn/privateca/latest/APIReference/API_UpdateCertificateAuthority.html)操作来禁用 CA,然后将`Status`参数设置为`DISABLED`。然后,您可以使用 `DeleteCertificateAuthority` 操作中的 `PermanentDeletionTimeInDays` 参数指定天数(7 到 30 天)。在此期间,私有 CA 可以还原到 `disabled` 状态。默认情况下,如果未设置 `PermanentDeletionTimeInDays` 参数,则还原期为 30 天。在此期间后,私有 CA 将被永久删除,无法还原。有关更多信息,请参阅 [还原 CA](PCARestoreCA.md)。 有关向您展示如何使用该[RestoreCertificateAuthority](https://docs.amazonaws.cn/privateca/latest/APIReference/API_RestoreCertificateAuthority.html)操作的 Java 示例,请参阅[RestoreCertificateAuthority](JavaApi-RestoreCertificateAuthority.md)。 ``` package com.amazonaws.samples; import com.amazonaws.auth.AWSCredentials; import com.amazonaws.auth.profile.ProfileCredentialsProvider; import com.amazonaws.client.builder.AwsClientBuilder; import com.amazonaws.client.builder.AwsClientBuilder.EndpointConfiguration; import com.amazonaws.auth.AWSStaticCredentialsProvider; import com.amazonaws.services.acmpca.AWSACMPCA; import com.amazonaws.services.acmpca.AWSACMPCAClientBuilder; import com.amazonaws.services.acmpca.model.DeleteCertificateAuthorityRequest; import com.amazonaws.AmazonClientException; import com.amazonaws.services.acmpca.model.ResourceNotFoundException; import com.amazonaws.services.acmpca.model.InvalidArnException; import com.amazonaws.services.acmpca.model.InvalidStateException; import com.amazonaws.services.acmpca.model.RequestFailedException; public class DeleteCertificateAuthority { public static void main(String[] args) throws Exception{ // Retrieve your credentials from the C:\Users\name\.aws\credentials file // in Windows or the .aws/credentials file in Linux. AWSCredentials credentials = null; try { credentials = new ProfileCredentialsProvider("default").getCredentials(); } catch (Exception e) { throw new AmazonClientException("Cannot load your credentials from disk", e); } // Define the endpoint for your sample. String endpointRegion = "region"; // Substitute your region here, e.g. "us-west-2" String endpointProtocol = "https://acm-pca." + endpointRegion + ".amazonaws.com/"; EndpointConfiguration endpoint = new AwsClientBuilder.EndpointConfiguration(endpointProtocol, endpointRegion); // Create a client that you can use to make requests. AWSACMPCA client = AWSACMPCAClientBuilder.standard() .withEndpointConfiguration(endpoint) .withCredentials(new AWSStaticCredentialsProvider(credentials)) .build(); // Create a requrest object and set the ARN of the private CA to delete. DeleteCertificateAuthorityRequest req = new DeleteCertificateAuthorityRequest(); // Set the certificate authority ARN. req.withCertificateAuthorityArn("arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566"); // Set the recovery period. req.withPermanentDeletionTimeInDays(12); // Delete the CA. try { client.deleteCertificateAuthority(req); } catch (ResourceNotFoundException ex) { throw ex; } catch (InvalidArnException ex) { throw ex; } catch (InvalidStateException ex) { throw ex; } catch (RequestFailedException ex) { throw ex; } } } ```