ListCertificateAuthorities
Lists the private certificate authorities that you created by using the CreateCertificateAuthority action.
Request Syntax
{
"MaxResults": number,
"NextToken": "string",
"ResourceOwner": "string"
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- MaxResults
-
Use this parameter when paginating results to specify the maximum number of items to return in the response on each page. If additional items exist beyond the number you specify, the
NextTokenelement is sent in the response. Use thisNextTokenvalue in a subsequent request to retrieve additional items.Although the maximum value is 1000, the action only returns a maximum of 100 items.
Type: Integer
Valid Range: Minimum value of 1. Maximum value of 1000.
Required: No
- NextToken
-
Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of the
NextTokenparameter from the response you just received.Type: String
Length Constraints: Minimum length of 1. Maximum length of 43739.
Required: No
- ResourceOwner
-
Use this parameter to filter the returned set of certificate authorities based on their owner. The default is SELF.
Type: String
Valid Values:
SELF | OTHER_ACCOUNTSRequired: No
Response Syntax
{
"CertificateAuthorities": [
{
"Arn": "string",
"CertificateAuthorityConfiguration": {
"CsrExtensions": {
"KeyUsage": {
"CRLSign": boolean,
"DataEncipherment": boolean,
"DecipherOnly": boolean,
"DigitalSignature": boolean,
"EncipherOnly": boolean,
"KeyAgreement": boolean,
"KeyCertSign": boolean,
"KeyEncipherment": boolean,
"NonRepudiation": boolean
},
"SubjectInformationAccess": [
{
"AccessLocation": {
"DirectoryName": {
"CommonName": "string",
"Country": "string",
"CustomAttributes": [
{
"ObjectIdentifier": "string",
"Value": "string"
}
],
"DistinguishedNameQualifier": "string",
"GenerationQualifier": "string",
"GivenName": "string",
"Initials": "string",
"Locality": "string",
"Organization": "string",
"OrganizationalUnit": "string",
"Pseudonym": "string",
"SerialNumber": "string",
"State": "string",
"Surname": "string",
"Title": "string"
},
"DnsName": "string",
"EdiPartyName": {
"NameAssigner": "string",
"PartyName": "string"
},
"IpAddress": "string",
"OtherName": {
"TypeId": "string",
"Value": "string"
},
"RegisteredId": "string",
"Rfc822Name": "string",
"UniformResourceIdentifier": "string"
},
"AccessMethod": {
"AccessMethodType": "string",
"CustomObjectIdentifier": "string"
}
}
]
},
"KeyAlgorithm": "string",
"SigningAlgorithm": "string",
"Subject": {
"CommonName": "string",
"Country": "string",
"CustomAttributes": [
{
"ObjectIdentifier": "string",
"Value": "string"
}
],
"DistinguishedNameQualifier": "string",
"GenerationQualifier": "string",
"GivenName": "string",
"Initials": "string",
"Locality": "string",
"Organization": "string",
"OrganizationalUnit": "string",
"Pseudonym": "string",
"SerialNumber": "string",
"State": "string",
"Surname": "string",
"Title": "string"
}
},
"CreatedAt": number,
"FailureReason": "string",
"KeyStorageSecurityStandard": "string",
"LastStateChangeAt": number,
"NotAfter": number,
"NotBefore": number,
"OwnerAccount": "string",
"RestorableUntil": number,
"RevocationConfiguration": {
"CrlConfiguration": {
"CrlDistributionPointExtensionConfiguration": {
"OmitExtension": boolean
},
"CrlType": "string",
"CustomCname": "string",
"CustomPath": "string",
"Enabled": boolean,
"ExpirationInDays": number,
"S3BucketName": "string",
"S3ObjectAcl": "string"
},
"OcspConfiguration": {
"Enabled": boolean,
"OcspCustomCname": "string"
}
},
"Serial": "string",
"Status": "string",
"Type": "string",
"UsageMode": "string"
}
],
"NextToken": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- CertificateAuthorities
-
Summary information about each certificate authority you have created.
Type: Array of CertificateAuthority objects
- NextToken
-
When the list is truncated, this value is present and should be used for the
NextTokenparameter in a subsequent pagination request.Type: String
Length Constraints: Minimum length of 1. Maximum length of 43739.
Errors
For information about the errors that are common to all actions, see Common Errors.
- InvalidNextTokenException
-
The token specified in the
NextTokenargument is not valid. Use the token returned from your previous call to ListCertificateAuthorities.HTTP Status Code: 400
Examples
Example
This example illustrates one usage of ListCertificateAuthorities.
Sample Request
POST / HTTP/1.1
Host: acm-pca.amazonaws.com
Accept-Encoding: identity
Content-Length: 18
X-Amz-Target: ACMPrivateCA.ListCertificateAuthorities
X-Amz-Date: 20180226T150214Z
User-Agent: aws-cli/1.14.28 Python/2.7.9 Windows/8 botocore/1.8.32
Content-Type: application/x-amz-json-1.1
Authorization: AWS4-HMAC-SHA256 Credential=Access_Key_ID/20180226/AWS_Region/acm-pca/aws4_request,
SignedHeaders=content-type;host;x-amz-date;x-amz-target,
Signature=580fdd5ac17213a3016252fb1b3e1064b507f415f1b55ef1a42c9d7945d620c1
{"MaxResults": 10}
Example
This example illustrates one usage of ListCertificateAuthorities.
Sample Response
HTTP/1.1 200 OK
Date: Tue, 15 May 2018 15:56:45 GMT
Content-Type: application/x-amz-json-1.1
Content-Length: 5484
x-amzn-RequestId: 9f96be4c-2204-4232-84df-fe5e44d22b22
Connection: keep-alive
{
"CertificateAuthorities": [{
"Arn": "arn:aws:acm-pca:AWS_Region:AWS_Account:certificate-authority/12345678-1234-1234-1234-123456789012",
"CertificateAuthorityConfiguration": {
"KeyAlgorithm": "RSA_2048",
"SigningAlgorithm": "SHA256WITHRSA",
"Subject": {
"CommonName": "www.example.com",
"Locality": "Seattle",
"Organization": "Example Corporation",
"OrganizationalUnit": "Operations",
"State": "Washington"
}
},
"CreatedAt": 1.510085139623E9,
"LastStateChangeAt": 1.515616539109E9,
"NotAfter": 1.825445955E9,
"NotBefore": 1.510085955E9,
"RevocationConfiguration": {
"CrlConfiguration": {
"CustomCname": "https://somename.crl",
"Enabled": true,
"ExpirationInDays": 3650,
"S3BucketName": "your-bucket-name"
}
},
"Serial": "4109",
"Status": "DISABLED",
"Type": "SUBORDINATE"
},
{
"Arn": "arn:aws:acm-pca:AWS_Region:AWS_Account:certificate-authority/11111111-2222-3333-4444-555555555555",
"CertificateAuthorityConfiguration": {
"KeyAlgorithm": "RSA_4096",
"SigningAlgorithm": "SHA256WITHRSA",
"Subject": {
"CommonName": "www.examplesales.com",
"Country": "US",
"Locality": "Spokane",
"Organization": "Example Sales LLC",
"OrganizationalUnit": "Corporate",
"State": "Washington"
}
},
"CreatedAt": 1.517421065699E9,
"LastStateChangeAt": 1.517421065699E9,
"RevocationConfiguration": {
"CrlConfiguration": {
"CustomCname": "https://somename.crl",
"Enabled": true,
"ExpirationInDays": 3650,
"S3BucketName": "your-bucket-name"
}
},
"Serial": "3611",
"Status": "PENDING_CERTIFICATE",
"Type": "SUBORDINATE"
},
{
"Arn": "arn:aws:acm-pca:AWS_Region:AWS_Account:certificate-authority/99999999-4321-1234-4321-4321-888888888888",
"CertificateAuthorityConfiguration": {
"KeyAlgorithm": "RSA_2048",
"SigningAlgorithm": "SHA256WITHRSA",
"Subject": {
"CommonName": "www.company.com",
"Country": "US",
"Locality": "Seattle",
"Organization": "Company Ltd.",
"OrganizationalUnit": "Sales",
"State": "Washington"
}
},
"CreatedAt": 1.505332492167E9,
"LastStateChangeAt": 1.505332492167E9,
"NotAfter": 1.820697079E9,
"NotBefore": 1.505337079E9,
"RevocationConfiguration": {
"CrlConfiguration": {
"CustomCname": "https://somename.crl",
"Enabled": true,
"ExpirationInDays": 3650,
"S3BucketName": "your-bucket-name"
}
},
"Serial": "4100",
"Status": "ACTIVE",
"Type": "SUBORDINATE"
}
]
}
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
