catch(InvalidArnException ex) {
catch (ResourceNotFoundException ex) {
throw ex;
}
// Clear the buffer.
buf_passphrase.clear();
// Display the certificate and certificate chain.
String certificate = result.getCertificate();
System.out.println(certificate);
String certificate_chain = result.getCertificateChain();
System.out.println(certificate_chain);
// This example retrieves but does not display the private key.
String private_key = result.getPrivateKey();
}}
Retrieve a certificate and certificate chain
The following example shows how to use the GetCertificate function.
GetCertificate
/** * This sample demonstrates how to use the GetCertificate function in the AWS Certificate * Manager service.
* * Input parameter:
* CertificateArn - The ARN of the certificate to retrieve.
*
* Output parameters:
* Certificate - A base64-encoded certificate in PEM format.
* CertificateChain - The base64-encoded certificate chain in PEM format.
* */
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception{
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows // or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load the credentials from the credential profiles file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard() .withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials)) .build();
// Create a request object and set the ARN of the certificate to be described.
GetCertificateRequest req = new GetCertificateRequest();
req.setCertificateArn("arn:aws:acm:region:account:certificate/
12345678-1234-1234-1234-123456789012");
// Retrieve the certificate and certificate chain.
// If you recently requested the certificate, loop until it has been created.
GetCertificateResult result = null;
long totalTimeout = 120000l;
long timeSlept = 0l;
long sleepInterval = 10000l;
while (result == null && timeSlept < totalTimeout) { try {
ImportCertificate
result = client.getCertificate(req);
}
catch (RequestInProgressException ex) { Thread.sleep(sleepInterval);
}
catch (ResourceNotFoundException ex) {
throw ex;
}
catch (InvalidArnException ex) {
throw ex;
}
timeSlept += sleepInterval;
}
// Display the certificate information.
System.out.println(result);
}}
The preceding example creates output similar to the following.
{Certificate: ---BEGIN base64-encoded certificate
---END CERTIFICATE---,
CertificateChain: ---BEGIN base64-encoded certificate chain
---END CERTIFICATE---}
Importing a certificate
The following example shows how to use the ImportCertificate function.
package com.amazonaws.samples;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.AWSCertificateManager;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.certificatemanager.model.ImportCertificateRequest;
import com.amazonaws.services.certificatemanager.model.ImportCertificateResult;
import com.amazonaws.services.certificatemanager.model.LimitExceededException;
import com.amazonaws.services.certificatemanager.model.ResourceNotFoundException;
import com.amazonaws.AmazonClientException;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.RandomAccessFile;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
/**
* This sample demonstrates how to use the ImportCertificate function in the AWS Certificate Manager
ImportCertificate
* service.
* * Input parameters:
* Certificate - PEM file that contains the certificate to import.
* CertificateArn - Use to reimport a certificate (not included in this example).
* CertificateChain - The certificate chain, not including the end-entity certificate.
* PrivateKey - The private key that matches the public key in the certificate.
* * Output parameter:
* CertificcateArn - The ARN of the imported certificate.
*
*/public class AWSCertificateManagerSample {
public static void main(String[] args) throws Exception {
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows // or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard() .withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials)) .build();
// Initialize the file descriptors.
RandomAccessFile file_certificate = null;
RandomAccessFile file_chain = null;
RandomAccessFile file_key = null;
file_certificate = new RandomAccessFile("C:\\Temp\\certificate.pem", "r");
file_chain = new RandomAccessFile("C:\\Temp\\chain.pem", "r");
file_key = new RandomAccessFile("C:\\Temp\\private_key.pem", "r");
}
catch (IllegalArgumentException ex) { throw ex;
FileChannel channel_certificate = file_certificate.getChannel();
FileChannel channel_chain = file_chain.getChannel();
FileChannel channel_key = file_key.getChannel();
// Map the files to buffers.
try {
ListCertificates
buf_certificate = channel_certificate.map(FileChannel.MapMode.READ_ONLY, 0, channel_certificate.size());
buf_chain = channel_chain.map(FileChannel.MapMode.READ_ONLY, 0, channel_chain.size());
buf_key = channel_key.map(FileChannel.MapMode.READ_ONLY, 0, channel_key.size());
// The files have been mapped, so clean up.
ImportCertificateRequest req = new ImportCertificateRequest();
req.setCertificate(buf_certificate);
req.setCertificateChain(buf_chain);
req.setPrivateKey(buf_key);
// Import the certificate.
ImportCertificateResult result = null;
try {
result = client.importCertificate(req);
}
catch(LimitExceededException ex) {
throw ex;
}
catch (ResourceNotFoundException ex) {
String arn = result.getCertificateArn();
System.out.println(arn);
} }
Listing certificates
The following example shows how to use the ListCertificates function.
package com.amazonaws.samples;
ListCertificates
/** * This sample demonstrates how to use the ListCertificates function in the AWS Certificate * Manager service.
* * Input parameters:
* CertificateStatuses - An array of strings that contains the statuses to use for filtering.
* MaxItems - The maximum number of certificates to return in the response.
* NextToken - Use when paginating results.
*
* Output parameters:
* CertificateSummaryList - A list of certificates.
* NextToken - Use to show additional results when paginating a truncated list.
* */
public class AWSCertificateManagerExample {
public static void main(String[] args) throws Exception{
// Retrieve your credentials from the C:\Users\name\.aws\credentials file in Windows // or the ~/.aws/credentials file in Linux.
AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider().getCredentials();
}
catch (Exception ex) {
throw new AmazonClientException("Cannot load the credentials from file.", ex);
}
// Create a client.
AWSCertificateManager client = AWSCertificateManagerClientBuilder.standard() .withRegion(Regions.US_EAST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials)) .build();
// Create a request object and set the parameters.
ListCertificatesRequest req = new ListCertificatesRequest();
List<String> Statuses = Arrays.asList("ISSUED", "EXPIRED", "PENDING_VALIDATION", "FAILED");
req.setCertificateStatuses(Statuses);
req.setMaxItems(10);
// Retrieve the list of certificates.
ListCertificatesResult result = null;
try {
System.out.println(result);
}
RenewCertificate
}
The preceding sample creates output similar to the following.
{ CertificateSummaryList: [{
CertificateArn:
arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012, DomainName: www.example1.com
}, {
CertificateArn:
arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012, DomainName: www.example2.com
}, {
CertificateArn:
arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012, DomainName: www.example3.com
}]
}