amazonka-certificatemanager-1.6.0: Amazon Certificate Manager SDK.

Copyright(c) 2013-2018 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay+amazonka@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone
LanguageHaskell2010

Network.AWS.CertificateManager.ExportCertificate

Contents

Description

Exports a private certificate issued by a private certificate authority (CA) for use anywhere. You can export the certificate, the certificate chain, and the encrypted private key associated with the public key embedded in the certificate. You must store the private key securely. The private key is a 2048 bit RSA key. You must provide a passphrase for the private key when exporting it. You can use the following OpenSSL command to decrypt it later. Provide the passphrase when prompted.

openssl rsa -in encrypted_key.pem -out decrypted_key.pem

Synopsis

Creating a Request

exportCertificate #

Creates a value of ExportCertificate with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

  • ecCertificateARN - An Amazon Resource Name (ARN) of the issued certificate. This must be of the form: arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012
  • ecPassphrase - Passphrase to associate with the encrypted exported private key. If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key: openssl rsa -in encrypted_key.pem -out decrypted_key.pem -- Note: This Lens automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This Lens accepts and returns only raw unencoded data.

data ExportCertificate #

See: exportCertificate smart constructor.

Instances

Eq ExportCertificate # 
Data ExportCertificate # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> ExportCertificate -> c ExportCertificate #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c ExportCertificate #

toConstr :: ExportCertificate -> Constr #

dataTypeOf :: ExportCertificate -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c ExportCertificate) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c ExportCertificate) #

gmapT :: (forall b. Data b => b -> b) -> ExportCertificate -> ExportCertificate #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> ExportCertificate -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> ExportCertificate -> r #

gmapQ :: (forall d. Data d => d -> u) -> ExportCertificate -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> ExportCertificate -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> ExportCertificate -> m ExportCertificate #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> ExportCertificate -> m ExportCertificate #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> ExportCertificate -> m ExportCertificate #

Show ExportCertificate # 
Generic ExportCertificate # 
Hashable ExportCertificate # 
ToJSON ExportCertificate # 
NFData ExportCertificate # 

Methods

rnf :: ExportCertificate -> () #

AWSRequest ExportCertificate # 
ToHeaders ExportCertificate # 
ToPath ExportCertificate # 
ToQuery ExportCertificate # 
type Rep ExportCertificate # 
type Rep ExportCertificate = D1 * (MetaData "ExportCertificate" "Network.AWS.CertificateManager.ExportCertificate" "amazonka-certificatemanager-1.6.0-GpvTF8uBUZ411nDfaRkpyP" False) (C1 * (MetaCons "ExportCertificate'" PrefixI True) ((:*:) * (S1 * (MetaSel (Just Symbol "_ecCertificateARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Text)) (S1 * (MetaSel (Just Symbol "_ecPassphrase") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Sensitive Base64)))))
type Rs ExportCertificate # 

Request Lenses

ecCertificateARN :: Lens' ExportCertificate Text #

An Amazon Resource Name (ARN) of the issued certificate. This must be of the form: arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012

ecPassphrase :: Lens' ExportCertificate ByteString #

Passphrase to associate with the encrypted exported private key. If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key: openssl rsa -in encrypted_key.pem -out decrypted_key.pem -- Note: This Lens automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This Lens accepts and returns only raw unencoded data.

Destructuring the Response

exportCertificateResponse #

Creates a value of ExportCertificateResponse with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

data ExportCertificateResponse #

See: exportCertificateResponse smart constructor.

Instances

Eq ExportCertificateResponse # 
Data ExportCertificateResponse # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> ExportCertificateResponse -> c ExportCertificateResponse #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c ExportCertificateResponse #

toConstr :: ExportCertificateResponse -> Constr #

dataTypeOf :: ExportCertificateResponse -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c ExportCertificateResponse) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c ExportCertificateResponse) #

gmapT :: (forall b. Data b => b -> b) -> ExportCertificateResponse -> ExportCertificateResponse #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> ExportCertificateResponse -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> ExportCertificateResponse -> r #

gmapQ :: (forall d. Data d => d -> u) -> ExportCertificateResponse -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> ExportCertificateResponse -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> ExportCertificateResponse -> m ExportCertificateResponse #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> ExportCertificateResponse -> m ExportCertificateResponse #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> ExportCertificateResponse -> m ExportCertificateResponse #

Show ExportCertificateResponse # 
Generic ExportCertificateResponse # 
NFData ExportCertificateResponse # 
type Rep ExportCertificateResponse # 
type Rep ExportCertificateResponse = D1 * (MetaData "ExportCertificateResponse" "Network.AWS.CertificateManager.ExportCertificate" "amazonka-certificatemanager-1.6.0-GpvTF8uBUZ411nDfaRkpyP" False) (C1 * (MetaCons "ExportCertificateResponse'" PrefixI True) ((:*:) * ((:*:) * (S1 * (MetaSel (Just Symbol "_ecrsPrivateKey") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe (Sensitive Text)))) (S1 * (MetaSel (Just Symbol "_ecrsCertificate") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe Text)))) ((:*:) * (S1 * (MetaSel (Just Symbol "_ecrsCertificateChain") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe Text))) (S1 * (MetaSel (Just Symbol "_ecrsResponseStatus") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Int)))))

Response Lenses

ecrsPrivateKey :: Lens' ExportCertificateResponse (Maybe Text) #

The PEM-encoded private key associated with the public key in the certificate.

ecrsCertificate :: Lens' ExportCertificateResponse (Maybe Text) #

The base64 PEM-encoded certificate.

ecrsCertificateChain :: Lens' ExportCertificateResponse (Maybe Text) #

The base64 PEM-encoded certificate chain. This does not include the certificate that you are exporting.

ecrsResponseStatus :: Lens' ExportCertificateResponse Int #

  • - | The response status code.