| Copyright | (c) 2013-2023 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Amazonka.CertificateManager.ExportCertificate
Description
Exports a private certificate issued by a private certificate authority (CA) for use anywhere. The exported file contains the certificate, the certificate chain, and the encrypted private 2048-bit RSA key associated with the public key that is embedded in the certificate. For security, you must assign a passphrase for the private key when exporting it.
For information about exporting and formatting a certificate using the ACM console or CLI, see Export a Private Certificate.
Synopsis
- data ExportCertificate = ExportCertificate' {}
- newExportCertificate :: Text -> ByteString -> ExportCertificate
- exportCertificate_certificateArn :: Lens' ExportCertificate Text
- exportCertificate_passphrase :: Lens' ExportCertificate ByteString
- data ExportCertificateResponse = ExportCertificateResponse' {
- certificate :: Maybe Text
- certificateChain :: Maybe Text
- privateKey :: Maybe (Sensitive Text)
- httpStatus :: Int
- newExportCertificateResponse :: Int -> ExportCertificateResponse
- exportCertificateResponse_certificate :: Lens' ExportCertificateResponse (Maybe Text)
- exportCertificateResponse_certificateChain :: Lens' ExportCertificateResponse (Maybe Text)
- exportCertificateResponse_privateKey :: Lens' ExportCertificateResponse (Maybe Text)
- exportCertificateResponse_httpStatus :: Lens' ExportCertificateResponse Int
Creating a Request
data ExportCertificate Source #
See: newExportCertificate smart constructor.
Constructors
| ExportCertificate' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> ByteString | |
| -> ExportCertificate |
Create a value of ExportCertificate with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
ExportCertificate, exportCertificate_certificateArn - An Amazon Resource Name (ARN) of the issued certificate. This must be of
the form:
arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012
$sel:passphrase:ExportCertificate', exportCertificate_passphrase - Passphrase to associate with the encrypted exported private key.
When creating your passphrase, you can use any ASCII character except #, $, or %.
If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key. After entering the command, you are prompted for the passphrase.
openssl rsa -in encrypted_key.pem -out decrypted_key.pem--
-- Note: This Lens automatically encodes and decodes Base64 data.
-- The underlying isomorphism will encode to Base64 representation during
-- serialisation, and decode from Base64 representation during deserialisation.
-- This Lens accepts and returns only raw unencoded data.
Request Lenses
exportCertificate_certificateArn :: Lens' ExportCertificate Text Source #
An Amazon Resource Name (ARN) of the issued certificate. This must be of the form:
arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012
exportCertificate_passphrase :: Lens' ExportCertificate ByteString Source #
Passphrase to associate with the encrypted exported private key.
When creating your passphrase, you can use any ASCII character except #, $, or %.
If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key. After entering the command, you are prompted for the passphrase.
openssl rsa -in encrypted_key.pem -out decrypted_key.pem--
-- Note: This Lens automatically encodes and decodes Base64 data.
-- The underlying isomorphism will encode to Base64 representation during
-- serialisation, and decode from Base64 representation during deserialisation.
-- This Lens accepts and returns only raw unencoded data.
Destructuring the Response
data ExportCertificateResponse Source #
See: newExportCertificateResponse smart constructor.
Constructors
| ExportCertificateResponse' | |
Fields
| |
Instances
newExportCertificateResponse Source #
Create a value of ExportCertificateResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:certificate:ExportCertificateResponse', exportCertificateResponse_certificate - The base64 PEM-encoded certificate.
$sel:certificateChain:ExportCertificateResponse', exportCertificateResponse_certificateChain - The base64 PEM-encoded certificate chain. This does not include the
certificate that you are exporting.
$sel:privateKey:ExportCertificateResponse', exportCertificateResponse_privateKey - The encrypted private key associated with the public key in the
certificate. The key is output in PKCS #8 format and is base64
PEM-encoded.
$sel:httpStatus:ExportCertificateResponse', exportCertificateResponse_httpStatus - The response's http status code.
Response Lenses
exportCertificateResponse_certificate :: Lens' ExportCertificateResponse (Maybe Text) Source #
The base64 PEM-encoded certificate.
exportCertificateResponse_certificateChain :: Lens' ExportCertificateResponse (Maybe Text) Source #
The base64 PEM-encoded certificate chain. This does not include the certificate that you are exporting.
exportCertificateResponse_privateKey :: Lens' ExportCertificateResponse (Maybe Text) Source #
The encrypted private key associated with the public key in the certificate. The key is output in PKCS #8 format and is base64 PEM-encoded.
exportCertificateResponse_httpStatus :: Lens' ExportCertificateResponse Int Source #
The response's http status code.