ACMPCA / Client / restore_certificate_authority
restore_certificate_authority#
- ACMPCA.Client.restore_certificate_authority(**kwargs)#
Restores a certificate authority (CA) that is in the
DELETEDstate. You can restore a CA during the period that you defined in the PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthority action. Currently, you can specify 7 to 30 days. If you did not specify a PermanentDeletionTimeInDays value, by default you can restore the CA at any time in a 30 day period. You can check the time remaining in the restoration period of a private CA in theDELETEDstate by calling the DescribeCertificateAuthority or ListCertificateAuthorities actions. The status of a restored CA is set to its pre-deletion status when the RestoreCertificateAuthority action returns. To change its status toACTIVE, call the UpdateCertificateAuthority action. If the private CA was in thePENDING_CERTIFICATEstate at deletion, you must use the ImportCertificateAuthorityCertificate action to import a certificate authority into the private CA before it can be activated. You cannot restore a CA after the restoration period has ended.See also: AWS API Documentation
Request Syntax
response = client.restore_certificate_authority( CertificateAuthorityArn='string' )
- Parameters:
CertificateAuthorityArn (string) –
[REQUIRED]
The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012- Returns:
None
Exceptions
ACMPCA.Client.exceptions.ResourceNotFoundExceptionACMPCA.Client.exceptions.InvalidStateExceptionACMPCA.Client.exceptions.InvalidArnException