表題について。
■ 環境
- awscli 1.14.30
- Mac OSX El Capitan
■ describe-certificate
個々の証明書についての情報を取得できる。オプションに”–certificate-arn“は必須であり、`aws acm list-certificates`の結果が必要である。
$ aws acm list-certificates
{
"CertificateSummaryList": [
{
"CertificateArn": "arn:aws:acm:ap-northeast-1:XXXXXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"DomainName": "www.withsin.net"
},
:
]
}
$
$ aws acm describe-certificate --certificate-arn arn:aws:acm:ap-northeast-1:XXXXXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
{
"Certificate": {
"CertificateArn": "arn:aws:acm:ap-northeast-1:XXXXXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"DomainName": "www.withsin.net",
"SubjectAlternativeNames": [
"www.withsin.net"
],
"DomainValidationOptions": [
{
"DomainName": "www.withsin.net",
"ValidationStatus": "SUCCESS",
"ResourceRecord": {
:
},
"ValidationMethod": "DNS"
}
],
"Serial": "XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX",
"Subject": "CN=www.withsin.net",
"Issuer": "Amazon",
:
"Status": "ISSUED",
:
"KeyAlgorithm": "RSA-2048",
"SignatureAlgorithm": "SHA256WITHRSA",
"InUseBy": [
"arn:aws:elasticloadbalancing:ap-northeast-1:XXXXXXXXXXXX:loadbalancer/app/withsin/XXXXXXXXXXXXXXXX"
],
"Type": "AMAZON_ISSUED",
:
}
}
$
結構いろいろわかる。”ACMで発行された証明書”であるとか。ManagementConsoleでは一覧画面で出ている内容である。ちなみにインポートした証明書の場合は下記のようになっていた。
$ aws acm describe-certificate --certificate-arn arn:aws:acm:ap-northeast-1:XXXXXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
{
:
"Serial": "XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX",
"Subject": "CN=blog.withsin.net",
"Issuer": "GeoTrust Inc.",
"ImportedAt": XXXXXXXX.0, :
"Status": "ISSUED",
:
"Type": "AMAZON_ISSUED",
:
}
$
以上。