ACMPCA / Client / get_certificate_authority_certificate

get_certificate_authority_certificate#

ACMPCA.Client.get_certificate_authority_certificate(**kwargs)#

Retrieves the certificate and certificate chain for your private certificate authority (CA) or one that has been shared with you. Both the certificate and the chain are base64 PEM-encoded. The chain does not include the CA certificate. Each certificate in the chain signs the one before it.

See also: AWS API Documentation

Request Syntax

response = client.get_certificate_authority_certificate(
    CertificateAuthorityArn='string'
)
Parameters:

CertificateAuthorityArn (string) –

[REQUIRED]

The Amazon Resource Name (ARN) of your private CA. This is of the form:

``arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 ``.

Return type:

dict

Returns:

Response Syntax

{
    'Certificate': 'string',
    'CertificateChain': 'string'
}

Response Structure

  • (dict) –

    • Certificate (string) –

      Base64-encoded certificate authority (CA) certificate.

    • CertificateChain (string) –

      Base64-encoded certificate chain that includes any intermediate certificates and chains up to root certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. If this is a root CA, the value will be null.

Exceptions

  • ACMPCA.Client.exceptions.ResourceNotFoundException

  • ACMPCA.Client.exceptions.InvalidArnException

  • ACMPCA.Client.exceptions.InvalidStateException