Copyright	(c) 2013-2018 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None
Language	Haskell2010

Network.AWS.CertificateManagerPCA.IssueCertificate

Contents

Creating a Request
Request Lenses
Destructuring the Response
Response Lenses

Description

Uses your private certificate authority (CA) to issue a client certificate. This function returns the Amazon Resource Name (ARN) of the certificate. You can retrieve the certificate by calling the GetCertificate function and specifying the ARN.

Creating a Request

issueCertificate Source #

Arguments

:: Text	`icCertificateAuthorityARN`
-> ByteString	`icCSR`
-> SigningAlgorithm	`icSigningAlgorithm`
-> Validity	`icValidity`
-> IssueCertificate

Creates a value of IssueCertificate with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

icIdempotencyToken - Custom string that can be used to distinguish between calls to the IssueCertificate function. Idempotency tokens time out after one hour. Therefore, if you call IssueCertificate multiple times with the same idempotency token within 5 minutes, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, PCA recognizes that you are requesting multiple certificates.
icCertificateAuthorityARN - The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority . This must be of the form: arn:aws:acm:region :account :certificate-authority/12345678-1234-1234-1234-123456789012
icCSR - The certificate signing request (CSR) for the certificate you want to issue. You can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key. openssl req -new -newkey rsa:2048 -days 365 -keyout privatetest_cert_priv_key.pem -out csrtest_cert_.csr If you have a configuration file, you can use the following OpenSSL command. The usr_cert block in the configuration file contains your X509 version 3 extensions. openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days -365 -keyout privatetest_cert_priv_key.pem -out csrtest_cert_.csr -- Note: This Lens automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This Lens accepts and returns only raw unencoded data.
icSigningAlgorithm - The name of the algorithm that will be used to sign the certificate to be issued.
icValidity - The type of the validity period.

data IssueCertificate Source #

See: issueCertificate smart constructor.

Instances

Eq IssueCertificate Source #
Methods (==) :: IssueCertificate -> IssueCertificate -> Bool # (/=) :: IssueCertificate -> IssueCertificate -> Bool #
Data IssueCertificate Source #
Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> IssueCertificate -> c IssueCertificate # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c IssueCertificate # toConstr :: IssueCertificate -> Constr # dataTypeOf :: IssueCertificate -> DataType # dataCast1 :: Typeable (* -> ) t => (forall d. Data d => c (t d)) -> Maybe (c IssueCertificate) # dataCast2 :: Typeable ( -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c IssueCertificate) # gmapT :: (forall b. Data b => b -> b) -> IssueCertificate -> IssueCertificate # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> IssueCertificate -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> IssueCertificate -> r # gmapQ :: (forall d. Data d => d -> u) -> IssueCertificate -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> IssueCertificate -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> IssueCertificate -> m IssueCertificate # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> IssueCertificate -> m IssueCertificate # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> IssueCertificate -> m IssueCertificate #
Read IssueCertificate Source #
Methods readsPrec :: Int -> ReadS IssueCertificate # readList :: ReadS [IssueCertificate] # readPrec :: ReadPrec IssueCertificate # readListPrec :: ReadPrec [IssueCertificate] #
Show IssueCertificate Source #
Methods showsPrec :: Int -> IssueCertificate -> ShowS # show :: IssueCertificate -> String # showList :: [IssueCertificate] -> ShowS #
Generic IssueCertificate Source #
Associated Types type Rep IssueCertificate :: * -> * # Methods from :: IssueCertificate -> Rep IssueCertificate x # to :: Rep IssueCertificate x -> IssueCertificate #
Hashable IssueCertificate Source #
Methods hashWithSalt :: Int -> IssueCertificate -> Int # hash :: IssueCertificate -> Int #
ToJSON IssueCertificate Source #
Methods toJSON :: IssueCertificate -> Value # toEncoding :: IssueCertificate -> Encoding # toJSONList :: [IssueCertificate] -> Value # toEncodingList :: [IssueCertificate] -> Encoding #
NFData IssueCertificate Source #
Methods rnf :: IssueCertificate -> () #
AWSRequest IssueCertificate Source #
Associated Types type Rs IssueCertificate :: * # Methods request :: IssueCertificate -> Request IssueCertificate # response :: (MonadResource m, MonadThrow m) => Logger -> Service -> Proxy * IssueCertificate -> ClientResponse -> m (Response IssueCertificate) #
ToHeaders IssueCertificate Source #
Methods toHeaders :: IssueCertificate -> [Header] #
ToPath IssueCertificate Source #
Methods toPath :: IssueCertificate -> ByteString #
ToQuery IssueCertificate Source #
Methods toQuery :: IssueCertificate -> QueryString #
type Rep IssueCertificate Source #
type Rep IssueCertificate = D1 * (MetaData "IssueCertificate" "Network.AWS.CertificateManagerPCA.IssueCertificate" "amazonka-certificatemanager-pca-1.6.0-745TdprsK5d4KxFM63j3hX" False) (C1 * (MetaCons "IssueCertificate'" PrefixI True) ((::) ((::) (S1 * (MetaSel (Just Symbol "_icIdempotencyToken") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe Text))) (S1 * (MetaSel (Just Symbol "_icCertificateAuthorityARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Text))) ((::) (S1 * (MetaSel (Just Symbol "_icCSR") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Base64)) ((::) (S1 * (MetaSel (Just Symbol "_icSigningAlgorithm") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * SigningAlgorithm)) (S1 * (MetaSel (Just Symbol "_icValidity") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Validity))))))
type Rs IssueCertificate Source #
type Rs IssueCertificate = IssueCertificateResponse

Request Lenses

icIdempotencyToken :: Lens' IssueCertificate (Maybe Text) Source #

Custom string that can be used to distinguish between calls to the IssueCertificate function. Idempotency tokens time out after one hour. Therefore, if you call IssueCertificate multiple times with the same idempotency token within 5 minutes, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, PCA recognizes that you are requesting multiple certificates.

icCertificateAuthorityARN :: Lens' IssueCertificate Text Source #

The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority . This must be of the form: arn:aws:acm:region :account :certificate-authority/12345678-1234-1234-1234-123456789012

icCSR :: Lens' IssueCertificate ByteString Source #

The certificate signing request (CSR) for the certificate you want to issue. You can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key. openssl req -new -newkey rsa:2048 -days 365 -keyout privatetest_cert_priv_key.pem -out csrtest_cert_.csr If you have a configuration file, you can use the following OpenSSL command. The usr_cert block in the configuration file contains your X509 version 3 extensions. openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days -365 -keyout privatetest_cert_priv_key.pem -out csrtest_cert_.csr -- Note: This Lens automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This Lens accepts and returns only raw unencoded data.

icSigningAlgorithm :: Lens' IssueCertificate SigningAlgorithm Source #

The name of the algorithm that will be used to sign the certificate to be issued.

icValidity :: Lens' IssueCertificate Validity Source #

The type of the validity period.

Destructuring the Response

issueCertificateResponse Source #

Arguments

:: Int	`icrsResponseStatus`
-> IssueCertificateResponse

Creates a value of IssueCertificateResponse with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

icrsCertificateARN - The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form: arn:aws:acm:region :account :certificate-authority/12345678-1234-1234-1234-123456789012 certificate286535153982981100925020015808220737245
icrsResponseStatus - -- | The response status code.

data IssueCertificateResponse Source #

See: issueCertificateResponse smart constructor.

Instances

Eq IssueCertificateResponse Source #
Methods (==) :: IssueCertificateResponse -> IssueCertificateResponse -> Bool # (/=) :: IssueCertificateResponse -> IssueCertificateResponse -> Bool #
Data IssueCertificateResponse Source #
Methods gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> IssueCertificateResponse -> c IssueCertificateResponse # gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c IssueCertificateResponse # toConstr :: IssueCertificateResponse -> Constr # dataTypeOf :: IssueCertificateResponse -> DataType # dataCast1 :: Typeable (* -> ) t => (forall d. Data d => c (t d)) -> Maybe (c IssueCertificateResponse) # dataCast2 :: Typeable ( -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c IssueCertificateResponse) # gmapT :: (forall b. Data b => b -> b) -> IssueCertificateResponse -> IssueCertificateResponse # gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> IssueCertificateResponse -> r # gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> IssueCertificateResponse -> r # gmapQ :: (forall d. Data d => d -> u) -> IssueCertificateResponse -> [u] # gmapQi :: Int -> (forall d. Data d => d -> u) -> IssueCertificateResponse -> u # gmapM :: Monad m => (forall d. Data d => d -> m d) -> IssueCertificateResponse -> m IssueCertificateResponse # gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> IssueCertificateResponse -> m IssueCertificateResponse # gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> IssueCertificateResponse -> m IssueCertificateResponse #
Read IssueCertificateResponse Source #
Methods readsPrec :: Int -> ReadS IssueCertificateResponse # readList :: ReadS [IssueCertificateResponse] # readPrec :: ReadPrec IssueCertificateResponse # readListPrec :: ReadPrec [IssueCertificateResponse] #
Show IssueCertificateResponse Source #
Methods showsPrec :: Int -> IssueCertificateResponse -> ShowS # show :: IssueCertificateResponse -> String # showList :: [IssueCertificateResponse] -> ShowS #
Generic IssueCertificateResponse Source #
Associated Types type Rep IssueCertificateResponse :: * -> * # Methods from :: IssueCertificateResponse -> Rep IssueCertificateResponse x # to :: Rep IssueCertificateResponse x -> IssueCertificateResponse #
NFData IssueCertificateResponse Source #
Methods rnf :: IssueCertificateResponse -> () #
type Rep IssueCertificateResponse Source #
type Rep IssueCertificateResponse = D1 * (MetaData "IssueCertificateResponse" "Network.AWS.CertificateManagerPCA.IssueCertificate" "amazonka-certificatemanager-pca-1.6.0-745TdprsK5d4KxFM63j3hX" False) (C1 * (MetaCons "IssueCertificateResponse'" PrefixI True) ((::) (S1 * (MetaSel (Just Symbol "_icrsCertificateARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe Text))) (S1 * (MetaSel (Just Symbol "_icrsResponseStatus") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Int))))

Response Lenses

icrsCertificateARN :: Lens' IssueCertificateResponse (Maybe Text) Source #

The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form: arn:aws:acm:region :account :certificate-authority/12345678-1234-1234-1234-123456789012 certificate286535153982981100925020015808220737245

icrsResponseStatus :: Lens' IssueCertificateResponse Int Source #

- | The response status code.