createCertificateFromCsr method

Future<CreateCertificateFromCsrResponse> createCertificateFromCsr({
  1. required String certificateSigningRequest,
  2. bool? setAsActive,
})

Creates an X.509 certificate using the specified certificate signing request.

Note: The CSR must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST P-256 or NIST P-384 curves.

Note: Reusing the same certificate signing request (CSR) results in a distinct certificate.

You can create multiple certificates in a batch by creating a directory, copying multiple .csr files into that directory, and then specifying that directory on the command line. The following commands show how to create a batch of certificates given a batch of CSRs.

Assuming a set of CSRs are located inside of the directory my-csr-directory:

On Linux and OS X, the command is:

$ ls my-csr-directory/ | xargs -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

This command lists all of the CSRs in my-csr-directory and pipes each CSR file name to the aws iot create-certificate-from-csr AWS CLI command to create a certificate for the corresponding CSR.

The aws iot create-certificate-from-csr part of the command can also be run in parallel to speed up the certificate creation process:

$ ls my-csr-directory/ | xargs -P 10 -I {} aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/{}

On Windows PowerShell, the command to create certificates for all CSRs in my-csr-directory is:

> ls -Name my-csr-directory | %{aws iot create-certificate-from-csr --certificate-signing-request file://my-csr-directory/$_}

On a Windows command prompt, the command to create certificates for all CSRs in my-csr-directory is:

> forfiles /p my-csr-directory /c "cmd /c aws iot create-certificate-from-csr --certificate-signing-request file://@path"

May throw InvalidRequestException. May throw ThrottlingException. May throw UnauthorizedException. May throw ServiceUnavailableException. May throw InternalFailureException.

Parameter certificateSigningRequest : The certificate signing request (CSR).

Parameter setAsActive : Specifies whether the certificate is active.

Implementation

Future<CreateCertificateFromCsrResponse> createCertificateFromCsr({
  required String certificateSigningRequest,
  bool? setAsActive,
}) async {
  ArgumentError.checkNotNull(
      certificateSigningRequest, 'certificateSigningRequest');
  _s.validateStringLength(
    'certificateSigningRequest',
    certificateSigningRequest,
    1,
    1152921504606846976,
    isRequired: true,
  );
  final $query = <String, List<String>>{
    if (setAsActive != null) 'setAsActive': [setAsActive.toString()],
  };
  final $payload = <String, dynamic>{
    'certificateSigningRequest': certificateSigningRequest,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'POST',
    requestUri: '/certificates',
    queryParams: $query,
    exceptionFnMap: _exceptionFns,
  );
  return CreateCertificateFromCsrResponse.fromJson(response);
}