Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Exports a private certificate issued by a private certificate authority (CA) for use anywhere. The exported file contains the certificate, the certificate chain, and the encrypted private 2048-bit RSA key associated with the public key that is embedded in the certificate. For security, you must assign a passphrase for the private key when exporting it.
For information about exporting and formatting a certificate using the ACM console or CLI, see Export a Private Certificate.
Synopsis
- data ExportCertificate = ExportCertificate' {}
- newExportCertificate :: Text -> ByteString -> ExportCertificate
- exportCertificate_certificateArn :: Lens' ExportCertificate Text
- exportCertificate_passphrase :: Lens' ExportCertificate ByteString
- data ExportCertificateResponse = ExportCertificateResponse' {
- certificate :: Maybe Text
- certificateChain :: Maybe Text
- privateKey :: Maybe (Sensitive Text)
- httpStatus :: Int
- newExportCertificateResponse :: Int -> ExportCertificateResponse
- exportCertificateResponse_certificate :: Lens' ExportCertificateResponse (Maybe Text)
- exportCertificateResponse_certificateChain :: Lens' ExportCertificateResponse (Maybe Text)
- exportCertificateResponse_privateKey :: Lens' ExportCertificateResponse (Maybe Text)
- exportCertificateResponse_httpStatus :: Lens' ExportCertificateResponse Int
Creating a Request
data ExportCertificate Source #
See: newExportCertificate
smart constructor.
ExportCertificate' | |
|
Instances
Create a value of ExportCertificate
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ExportCertificate
, exportCertificate_certificateArn
- An Amazon Resource Name (ARN) of the issued certificate. This must be of
the form:
arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012
$sel:passphrase:ExportCertificate'
, exportCertificate_passphrase
- Passphrase to associate with the encrypted exported private key.
When creating your passphrase, you can use any ASCII character except #, $, or %.
If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key. After entering the command, you are prompted for the passphrase.
openssl rsa -in encrypted_key.pem -out decrypted_key.pem
--
-- Note: This Lens
automatically encodes and decodes Base64 data.
-- The underlying isomorphism will encode to Base64 representation during
-- serialisation, and decode from Base64 representation during deserialisation.
-- This Lens
accepts and returns only raw unencoded data.
Request Lenses
exportCertificate_certificateArn :: Lens' ExportCertificate Text Source #
An Amazon Resource Name (ARN) of the issued certificate. This must be of the form:
arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012
exportCertificate_passphrase :: Lens' ExportCertificate ByteString Source #
Passphrase to associate with the encrypted exported private key.
When creating your passphrase, you can use any ASCII character except #, $, or %.
If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key. After entering the command, you are prompted for the passphrase.
openssl rsa -in encrypted_key.pem -out decrypted_key.pem
--
-- Note: This Lens
automatically encodes and decodes Base64 data.
-- The underlying isomorphism will encode to Base64 representation during
-- serialisation, and decode from Base64 representation during deserialisation.
-- This Lens
accepts and returns only raw unencoded data.
Destructuring the Response
data ExportCertificateResponse Source #
See: newExportCertificateResponse
smart constructor.
ExportCertificateResponse' | |
|
Instances
newExportCertificateResponse Source #
Create a value of ExportCertificateResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:certificate:ExportCertificateResponse'
, exportCertificateResponse_certificate
- The base64 PEM-encoded certificate.
$sel:certificateChain:ExportCertificateResponse'
, exportCertificateResponse_certificateChain
- The base64 PEM-encoded certificate chain. This does not include the
certificate that you are exporting.
$sel:privateKey:ExportCertificateResponse'
, exportCertificateResponse_privateKey
- The encrypted private key associated with the public key in the
certificate. The key is output in PKCS #8 format and is base64
PEM-encoded.
$sel:httpStatus:ExportCertificateResponse'
, exportCertificateResponse_httpStatus
- The response's http status code.
Response Lenses
exportCertificateResponse_certificate :: Lens' ExportCertificateResponse (Maybe Text) Source #
The base64 PEM-encoded certificate.
exportCertificateResponse_certificateChain :: Lens' ExportCertificateResponse (Maybe Text) Source #
The base64 PEM-encoded certificate chain. This does not include the certificate that you are exporting.
exportCertificateResponse_privateKey :: Lens' ExportCertificateResponse (Maybe Text) Source #
The encrypted private key associated with the public key in the certificate. The key is output in PKCS #8 format and is base64 PEM-encoded.
exportCertificateResponse_httpStatus :: Lens' ExportCertificateResponse Int Source #
The response's http status code.