Help Center/
Cloud Certificate Manager/
Best Practices/
Best Practices for Private Certificate Management/
Best Practices of PCA Code Examples/
Example Code for Managing Private Certificates/
Exporting a Certificate
Updated on 2024-12-17 GMT+08:00
Exporting a Certificate
You can export a private certificate, including the certificate body and certificate chain. You can export the certificate in the format you need.
For details, see Parameters for Exporting a Certificate.
import com.huaweicloud.sdk.ccm.v1.CcmClient; import com.huaweicloud.sdk.ccm.v1.model.ExportCertificateRequest; import com.huaweicloud.sdk.ccm.v1.model.ExportCertificateRequestBody; import com.huaweicloud.sdk.ccm.v1.model.ExportCertificateResponse; import com.huaweicloud.sdk.core.auth.GlobalCredentials; /** * Export the private certificate, including the certificate body and certificate chain. You can select the certificate format. */ public class ExportCertificateExample { /** * Basic authentication information: * - ACCESS_KEY: access key of the Huawei Cloud account * - SECRET_ACCESS_KEY: secret access key of the Huawei Cloud account * - DOMAIN_ID: Huawei Cloud account ID. * - CCM_ENDPOINT: Endpoint address for accessing Huawei Cloud CCM (PCA is included in CCM). ......*Hard-coded or plaintext AK and SK are risky. For security, encrypt your AK and SK and store them in the configuration file or environment variables. * In this example, the AK and SK are stored in environment variables for identity authentication. Before running this example, configure environment variables HUAWEICLOUD_SDK_AK and HUAWEICLOUD_SDK_SK. */ private static final String ACCESS_KEY = System.getenv("HUAWEICLOUD_SDK_AK"); private static final String SECRET_ACCESS_KEY = System.getenv("HUAWEICLOUD_SDK_SK"); private static final String DOMAIN_ID = "<DomainID>"; private static final String CCM_ENDPOINT = "<CcmEndpoint>"; public static void main(String[] args) { // 1. Prepare the credentials for accessing Huawei Cloud. PCA is a global service. final GlobalCredentials auth = new GlobalCredentials() .withAk(ACCESS_KEY) .withSk(SECRET_ACCESS_KEY) .withDomainId(DOMAIN_ID); // 2. Initialize the SDK and transfer the credentials and endpoint address of CCM. final CcmClient ccmClient = CcmClient.newBuilder() .withCredential(auth) .withEndpoint(CCM_ENDPOINT).build(); // 3. Make request parameters. // (1) ID of the end-entity certificate you want to export. String certId = "5554a381-af92-4336-a943-811396c87616"; /* (2) Define the export format. (SDKs support only uncompressed files.) - isCompressed: whether to compress the file. The value is a string. The options are true and false. SDKs support only false. - type: export format. Currently, only the following formats are supported in calling SDKs: APACHE: This parameter is recommended if you want to use the certificate for an Apache server. NGINX: This parameter is recommended if you want to use the certificate for an Nginx server. OTHER: This parameter is recommended if you want to download a certificate in PEM format. */ ExportCertificateRequestBody requestBody = new ExportCertificateRequestBody(); requestBody.setType("NGINX"); requestBody.setIsCompressed("false"); // 4. Construct a request body. ExportCertificateRequest request = new ExportCertificateRequest() .withCertificateId(certId) .withBody(requestBody); // 5. Start to send the request. ExportCertificateResponse response; try { response = ccmClient.exportCertificate(request); } catch (Exception e) { throw new RuntimeException(e.getMessage()); } // 6. Obtain the response message. // (1) Obtain the certificate body in PEM format. String certificate = response.getCertificate(); // (2) Obtain the certificate chain in PEM format. String certificateChain = response.getCertificateChain(); System.out.println(response); } }
Parent topic: Example Code for Managing Private Certificates
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot