| Copyright | (c) 2013-2023 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Amazonka.IoT.CreateCertificateFromCsr
Description
Creates an X.509 certificate using the specified certificate signing request.
Note: The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256, NIST P-384, or NIST P-512 curves. For supported certificates, consult Certificate signing algorithms supported by IoT.
Note: Reusing the same certificate signing request (CSR) results in a distinct certificate.
Requires permission to access the CreateCertificateFromCsr action.
You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs.
Assuming a set of CSRs are located inside of the directory my-csr-directory:
On Linux and OS X, the command is:
$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr Amazon Web Services CLI command to create a certificate for the corresponding CSR.
The aws iot create-certificate-from-csr part of the command can also be run in parallel to speed up the certificate creation process:
$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}
On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:
ls -Name my-csr-directory | %{aws iot create-certificate-from-csr- -certificate-signing-request file://my-csr-directory/$_}
On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:
forfiles \/p my-csr-directory \/c \"cmd \/c aws iot
create-certificate-from-csr --certificate-signing-request file://@path"
Synopsis
- data CreateCertificateFromCsr = CreateCertificateFromCsr' {}
- newCreateCertificateFromCsr :: Text -> CreateCertificateFromCsr
- createCertificateFromCsr_setAsActive :: Lens' CreateCertificateFromCsr (Maybe Bool)
- createCertificateFromCsr_certificateSigningRequest :: Lens' CreateCertificateFromCsr Text
- data CreateCertificateFromCsrResponse = CreateCertificateFromCsrResponse' {}
- newCreateCertificateFromCsrResponse :: Int -> CreateCertificateFromCsrResponse
- createCertificateFromCsrResponse_certificateArn :: Lens' CreateCertificateFromCsrResponse (Maybe Text)
- createCertificateFromCsrResponse_certificateId :: Lens' CreateCertificateFromCsrResponse (Maybe Text)
- createCertificateFromCsrResponse_certificatePem :: Lens' CreateCertificateFromCsrResponse (Maybe Text)
- createCertificateFromCsrResponse_httpStatus :: Lens' CreateCertificateFromCsrResponse Int
Creating a Request
data CreateCertificateFromCsr Source #
The input for the CreateCertificateFromCsr operation.
See: newCreateCertificateFromCsr smart constructor.
Constructors
| CreateCertificateFromCsr' | |
Fields
| |
Instances
newCreateCertificateFromCsr Source #
Create a value of CreateCertificateFromCsr with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:setAsActive:CreateCertificateFromCsr', createCertificateFromCsr_setAsActive - Specifies whether the certificate is active.
$sel:certificateSigningRequest:CreateCertificateFromCsr', createCertificateFromCsr_certificateSigningRequest - The certificate signing request (CSR).
Request Lenses
createCertificateFromCsr_setAsActive :: Lens' CreateCertificateFromCsr (Maybe Bool) Source #
Specifies whether the certificate is active.
createCertificateFromCsr_certificateSigningRequest :: Lens' CreateCertificateFromCsr Text Source #
The certificate signing request (CSR).
Destructuring the Response
data CreateCertificateFromCsrResponse Source #
The output from the CreateCertificateFromCsr operation.
See: newCreateCertificateFromCsrResponse smart constructor.
Constructors
| CreateCertificateFromCsrResponse' | |
Fields
| |
Instances
newCreateCertificateFromCsrResponse Source #
Create a value of CreateCertificateFromCsrResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
CreateCertificateFromCsrResponse, createCertificateFromCsrResponse_certificateArn - The Amazon Resource Name (ARN) of the certificate. You can use the ARN
as a principal for policy operations.
CreateCertificateFromCsrResponse, createCertificateFromCsrResponse_certificateId - The ID of the certificate. Certificate management operations only take a
certificateId.
CreateCertificateFromCsrResponse, createCertificateFromCsrResponse_certificatePem - The certificate data, in PEM format.
$sel:httpStatus:CreateCertificateFromCsrResponse', createCertificateFromCsrResponse_httpStatus - The response's http status code.
Response Lenses
createCertificateFromCsrResponse_certificateArn :: Lens' CreateCertificateFromCsrResponse (Maybe Text) Source #
The Amazon Resource Name (ARN) of the certificate. You can use the ARN as a principal for policy operations.
createCertificateFromCsrResponse_certificateId :: Lens' CreateCertificateFromCsrResponse (Maybe Text) Source #
The ID of the certificate. Certificate management operations only take a certificateId.
createCertificateFromCsrResponse_certificatePem :: Lens' CreateCertificateFromCsrResponse (Maybe Text) Source #
The certificate data, in PEM format.
createCertificateFromCsrResponse_httpStatus :: Lens' CreateCertificateFromCsrResponse Int Source #
The response's http status code.