PaymentCryptographyControlPlane / Client / get_public_key_certificate

get_public_key_certificate#

PaymentCryptographyControlPlane.Client.get_public_key_certificate(**kwargs)#

Gets the public key certificate of the asymmetric key pair that exists within Amazon Web Services Payment Cryptography.

Unlike the private key of an asymmetric key, which never leaves Amazon Web Services Payment Cryptography unencrypted, callers with GetPublicKeyCertificate permission can download the public key certificate of the asymmetric key. You can share the public key certificate to allow others to encrypt messages and verify signatures outside of Amazon Web Services Payment Cryptography

Cross-account use: This operation can’t be used across different Amazon Web Services accounts.

See also: AWS API Documentation

Request Syntax

response = client.get_public_key_certificate(
    KeyIdentifier='string'
)
Parameters:

KeyIdentifier (string) –

[REQUIRED]

The KeyARN of the asymmetric key pair.

Return type:

dict

Returns:

Response Syntax

{
    'KeyCertificate': 'string',
    'KeyCertificateChain': 'string'
}

Response Structure

  • (dict) –

    • KeyCertificate (string) –

      The public key component of the asymmetric key pair in a certificate PEM format (base64 encoded). It is signed by the root certificate authority (CA). The certificate expires in 90 days.

    • KeyCertificateChain (string) –

      The root certificate authority (CA) that signed the public key certificate in PEM format (base64 encoded) of the asymmetric key pair.

Exceptions

  • PaymentCryptographyControlPlane.Client.exceptions.ServiceUnavailableException

  • PaymentCryptographyControlPlane.Client.exceptions.ValidationException

  • PaymentCryptographyControlPlane.Client.exceptions.AccessDeniedException

  • PaymentCryptographyControlPlane.Client.exceptions.ResourceNotFoundException

  • PaymentCryptographyControlPlane.Client.exceptions.ThrottlingException

  • PaymentCryptographyControlPlane.Client.exceptions.InternalServerException