AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Container for the parameters to the RequestCertificate operation.
Requests an ACM certificate for use with other Amazon Web Services services. To request
an ACM certificate, you must specify a fully qualified domain name (FQDN) in the DomainName
parameter. You can also specify additional FQDNs in the SubjectAlternativeNames
parameter.
If you are requesting a private certificate, domain validation is not required. If you are requesting a public certificate, each domain name that you specify must be validated to verify that you own or control the domain. You can use DNS validation or email validation. We recommend that you use DNS validation. ACM issues public certificates after receiving approval from the domain owner.
ACM behavior differs from the RFC 6125 specification of the certificate validation process. ACM first checks for a Subject Alternative Name, and, if it finds one, ignores the common name (CN).
After successful completion of the RequestCertificate
action, there is a delay
of several seconds before you can retrieve information about the new certificate.
Namespace: Amazon.CertificateManager.Model
Assembly: AWSSDK.CertificateManager.dll
Version: 3.x.y.z
public class RequestCertificateRequest : AmazonCertificateManagerRequest IAmazonWebServiceRequest
The RequestCertificateRequest type exposes the following members
Name | Description | |
---|---|---|
RequestCertificateRequest() |
Name | Type | Description | |
---|---|---|---|
CertificateAuthorityArn | System.String |
Gets and sets the property CertificateAuthorityArn. The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the Amazon Web Services Private Certificate Authority user guide. The ARN must have the following form:
|
|
DomainName | System.String |
Gets and sets the property DomainName. Fully qualified domain name (FQDN), such as www.example.com, that you want to secure with an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com. In compliance with RFC 5280, the length of the domain name (technically, the Common Name) that you provide cannot exceed 64 octets (characters), including periods. To add a longer domain name, specify it in the Subject Alternative Name field, which supports names up to 253 octets in length. |
|
DomainValidationOptions | System.Collections.Generic.List<Amazon.CertificateManager.Model.DomainValidationOption> |
Gets and sets the property DomainValidationOptions. The domain name that you want ACM to use to send you emails so that you can validate domain ownership. |
|
IdempotencyToken | System.String |
Gets and sets the property IdempotencyToken.
Customer chosen string that can be used to distinguish between calls to |
|
KeyAlgorithm | Amazon.CertificateManager.KeyAlgorithm |
Gets and sets the property KeyAlgorithm. Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. Default: RSA_2048 |
|
Options | Amazon.CertificateManager.Model.CertificateOptions |
Gets and sets the property Options. Currently, you can use this parameter to specify whether to add the certificate to a certificate transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser. For more information, see Opting Out of Certificate Transparency Logging. |
|
SubjectAlternativeNames | System.Collections.Generic.List<System.String> |
Gets and sets the property SubjectAlternativeNames.
Additional FQDNs to be included in the Subject Alternative Name extension of the ACM
certificate. For example, add the name www.example.net to a certificate for which
the The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples:
|
|
Tags | System.Collections.Generic.List<Amazon.CertificateManager.Model.Tag> |
Gets and sets the property Tags. One or more resource tags to associate with the certificate. |
|
ValidationMethod | Amazon.CertificateManager.ValidationMethod |
Gets and sets the property ValidationMethod. The method you want to use if you are requesting a public certificate to validate that you own or control domain. You can validate with DNS or validate with email. We recommend that you use DNS validation. |
.NET Core App:
Supported in: 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5, 4.0, 3.5