Struct aws_sdk_acmpca::client::fluent_builders::RevokeCertificate
source · [−]pub struct RevokeCertificate { /* private fields */ }
Expand description
Fluent builder constructing a request to RevokeCertificate
.
Revokes a certificate that was issued inside ACM Private CA. If you enable a certificate revocation list (CRL) when you create or update your private CA, information about the revoked certificates will be included in the CRL. ACM Private CA writes the CRL to an S3 bucket that you specify. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason the CRL update fails, ACM Private CA attempts makes further attempts every 15 minutes. With Amazon CloudWatch, you can create alarms for the metrics CRLGenerated
and MisconfiguredCRLBucket
. For more information, see Supported CloudWatch Metrics.
Both PCA and the IAM principal must have permission to write to the S3 bucket that you specify. If the IAM principal making the call does not have permission to write to the bucket, then an exception is thrown. For more information, see Configure Access to ACM Private CA.
ACM Private CA also writes revocation information to the audit report. For more information, see CreateCertificateAuthorityAuditReport.
You cannot revoke a root CA self-signed certificate.
Implementations
sourceimpl RevokeCertificate
impl RevokeCertificate
sourcepub async fn send(
self
) -> Result<RevokeCertificateOutput, SdkError<RevokeCertificateError>>
pub async fn send(
self
) -> Result<RevokeCertificateOutput, SdkError<RevokeCertificateError>>
Sends the request and returns the response.
If an error occurs, an SdkError
will be returned with additional details that
can be matched against.
By default, any retryable failures will be retried twice. Retry behavior is configurable with the RetryConfig, which can be set when configuring the client.
Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
sourcepub fn certificate_serial(self, input: impl Into<String>) -> Self
pub fn certificate_serial(self, input: impl Into<String>) -> Self
Serial number of the certificate to be revoked. This must be in hexadecimal format. You can retrieve the serial number by calling GetCertificate with the Amazon Resource Name (ARN) of the certificate you want and the ARN of your private CA. The GetCertificate action retrieves the certificate in the PEM format. You can use the following OpenSSL command to list the certificate in text format and copy the hexadecimal serial number.
openssl x509 -in file_path -text -noout
You can also copy the serial number from the console or use the DescribeCertificate action in the AWS Certificate Manager API Reference.
sourcepub fn set_certificate_serial(self, input: Option<String>) -> Self
pub fn set_certificate_serial(self, input: Option<String>) -> Self
Serial number of the certificate to be revoked. This must be in hexadecimal format. You can retrieve the serial number by calling GetCertificate with the Amazon Resource Name (ARN) of the certificate you want and the ARN of your private CA. The GetCertificate action retrieves the certificate in the PEM format. You can use the following OpenSSL command to list the certificate in text format and copy the hexadecimal serial number.
openssl x509 -in file_path -text -noout
You can also copy the serial number from the console or use the DescribeCertificate action in the AWS Certificate Manager API Reference.
sourcepub fn revocation_reason(self, input: RevocationReason) -> Self
pub fn revocation_reason(self, input: RevocationReason) -> Self
Specifies why you revoked the certificate.
sourcepub fn set_revocation_reason(self, input: Option<RevocationReason>) -> Self
pub fn set_revocation_reason(self, input: Option<RevocationReason>) -> Self
Specifies why you revoked the certificate.
Trait Implementations
sourceimpl Clone for RevokeCertificate
impl Clone for RevokeCertificate
sourcefn clone(&self) -> RevokeCertificate
fn clone(&self) -> RevokeCertificate
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source
. Read more
Auto Trait Implementations
impl !RefUnwindSafe for RevokeCertificate
impl Send for RevokeCertificate
impl Sync for RevokeCertificate
impl Unpin for RevokeCertificate
impl !UnwindSafe for RevokeCertificate
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T> ToOwned for T where
T: Clone,
impl<T> ToOwned for T where
T: Clone,
type Owned = T
type Owned = T
The resulting type after obtaining ownership.
sourcefn clone_into(&self, target: &mut T)
fn clone_into(&self, target: &mut T)
toowned_clone_into
)Uses borrowed data to replace owned data, usually by cloning. Read more
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more