DirectoryService / Client / describe_certificate
describe_certificate#
- DirectoryService.Client.describe_certificate(**kwargs)#
Displays information about the certificate registered for secure LDAP or client certificate authentication.
See also: AWS API Documentation
Request Syntax
response = client.describe_certificate( DirectoryId='string', CertificateId='string' )
- Parameters:
DirectoryId (string) –
[REQUIRED]
The identifier of the directory.
CertificateId (string) –
[REQUIRED]
The identifier of the certificate.
- Return type:
dict
- Returns:
Response Syntax
{ 'Certificate': { 'CertificateId': 'string', 'State': 'Registering'|'Registered'|'RegisterFailed'|'Deregistering'|'Deregistered'|'DeregisterFailed', 'StateReason': 'string', 'CommonName': 'string', 'RegisteredDateTime': datetime(2015, 1, 1), 'ExpiryDateTime': datetime(2015, 1, 1), 'Type': 'ClientCertAuth'|'ClientLDAPS', 'ClientCertAuthSettings': { 'OCSPUrl': 'string' } } }
Response Structure
(dict) –
Certificate (dict) –
Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.
CertificateId (string) –
The identifier of the certificate.
State (string) –
The state of the certificate.
StateReason (string) –
Describes a state change for the certificate.
CommonName (string) –
The common name for the certificate.
RegisteredDateTime (datetime) –
The date and time that the certificate was registered.
ExpiryDateTime (datetime) –
The date and time when the certificate will expire.
Type (string) –
The function that the registered certificate performs. Valid values include
ClientLDAPS
orClientCertAuth
. The default value isClientLDAPS
.ClientCertAuthSettings (dict) –
A
ClientCertAuthSettings
object that contains client certificate authentication settings.OCSPUrl (string) –
Specifies the URL of the default OCSP server used to check for revocation status. A secondary value to any OCSP address found in the AIA extension of the user certificate.
Exceptions