Select your cookie preferences

We use cookies and similar tools to enhance your experience, provide our services, deliver relevant advertising, and make improvements. Approved third parties also use these tools to help us deliver advertising and provide certain site features.

Table Of Contents

  1. Docs
  2. Available services
  3. DirectoryService
  4. describe_certificate

describe_certificate

describe_certificate(**kwargs)

Displays information about the certificate registered for secure LDAP or client certificate authentication.

See also: AWS API Documentation

Request Syntax

response = client.describe_certificate(
    DirectoryId='string',
    CertificateId='string'
)
Parameters
  • DirectoryId (string) --

    [REQUIRED]

    The identifier of the directory.

  • CertificateId (string) --

    [REQUIRED]

    The identifier of the certificate.

Return type

dict

Returns

Response Syntax

{
    'Certificate': {
        'CertificateId': 'string',
        'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed',
        'StateReason': 'string',
        'CommonName': 'string',
        'RegisteredDateTime': datetime(2015, 1, 1),
        'ExpiryDateTime': datetime(2015, 1, 1),
        'Type': 'ClientCertAuth'|'ClientLDAPS',
        'ClientCertAuthSettings': {
            'OCSPUrl': 'string'
        }
    }
}

Response Structure

  • (dict) --

    • Certificate (dict) --

      Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.

      • CertificateId (string) --

        The identifier of the certificate.

      • State (string) --

        The state of the certificate.

      • StateReason (string) --

        Describes a state change for the certificate.

      • CommonName (string) --

        The common name for the certificate.

      • RegisteredDateTime (datetime) --

        The date and time that the certificate was registered.

      • ExpiryDateTime (datetime) --

        The date and time when the certificate will expire.

      • Type (string) --

        The function that the registered certificate performs. Valid values include ClientLDAPS or ClientCertAuth . The default value is ClientLDAPS .

      • ClientCertAuthSettings (dict) --

        A ClientCertAuthSettings object that contains client certificate authentication settings.

        • OCSPUrl (string) --

          Specifies the URL of the default OCSP server used to check for revocation status. A secondary value to any OCSP address found in the AIA extension of the user certificate.

Exceptions

  • DirectoryService.Client.exceptions.DirectoryDoesNotExistException
  • DirectoryService.Client.exceptions.UnsupportedOperationException
  • DirectoryService.Client.exceptions.CertificateDoesNotExistException
  • DirectoryService.Client.exceptions.InvalidParameterException
  • DirectoryService.Client.exceptions.ClientException
  • DirectoryService.Client.exceptions.ServiceException
deregister_event_topic
describe_client_authentication_settings
Privacy | Site Terms | Cookie preferences | © Copyright 2023, Amazon Web Services, Inc. Created using Sphinx.