list_certificates_by_ca
(**kwargs)¶List the device certificates signed by the specified CA certificate.
Requires permission to access the ListCertificatesByCA action.
See also: AWS API Documentation
Request Syntax
response = client.list_certificates_by_ca(
caCertificateId='string',
pageSize=123,
marker='string',
ascendingOrder=True|False
)
[REQUIRED]
The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate.
dict
Response Syntax
{
'certificates': [
{
'certificateArn': 'string',
'certificateId': 'string',
'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION',
'certificateMode': 'DEFAULT'|'SNI_ONLY',
'creationDate': datetime(2015, 1, 1)
},
],
'nextMarker': 'string'
}
Response Structure
(dict) --
The output of the ListCertificatesByCA operation.
certificates (list) --
The device certificates signed by the specified CA certificate.
(dict) --
Information about a certificate.
certificateArn (string) --
The ARN of the certificate.
certificateId (string) --
The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
status (string) --
The status of the certificate.
The status value REGISTER_INACTIVE is deprecated and should not be used.
certificateMode (string) --
The mode of the certificate.
DEFAULT
: A certificate inDEFAULT
mode is either generated by Amazon Web Services IoT Core or registered with an issuer certificate authority (CA) inDEFAULT
mode. Devices with certificates inDEFAULT
mode aren't required to send the Server Name Indication (SNI) extension when connecting to Amazon Web Services IoT Core. However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to Amazon Web Services IoT Core.
SNI_ONLY
: A certificate inSNI_ONLY
mode is registered without an issuer CA. Devices with certificates inSNI_ONLY
mode must send the SNI extension when connecting to Amazon Web Services IoT Core.
creationDate (datetime) --
The date and time the certificate was created.
nextMarker (string) --
The marker for the next set of results, or null if there are no additional results.
Exceptions
IoT.Client.exceptions.InvalidRequestException
IoT.Client.exceptions.ThrottlingException
IoT.Client.exceptions.UnauthorizedException
IoT.Client.exceptions.ServiceUnavailableException
IoT.Client.exceptions.InternalFailureException