[ aws . ds ]

describe-certificate

Description

Displays information about the certificate registered for secure LDAP or client certificate authentication.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  describe-certificate
--directory-id <value>
--certificate-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--directory-id (string)

The identifier of the directory.

--certificate-id (string)

The identifier of the certificate.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Output

Certificate -> (structure)

Information about the certificate, including registered date time, certificate state, the reason for the state, expiration date time, and certificate common name.

CertificateId -> (string)

The identifier of the certificate.

State -> (string)

The state of the certificate.

StateReason -> (string)

Describes a state change for the certificate.

CommonName -> (string)

The common name for the certificate.

RegisteredDateTime -> (timestamp)

The date and time that the certificate was registered.

ExpiryDateTime -> (timestamp)

The date and time when the certificate will expire.

Type -> (string)

The function that the registered certificate performs. Valid values include ClientLDAPS or ClientCertAuth . The default value is ClientLDAPS .

ClientCertAuthSettings -> (structure)

A ClientCertAuthSettings object that contains client certificate authentication settings.

OCSPUrl -> (string)

Specifies the URL of the default OCSP server used to check for revocation status. A secondary value to any OCSP address found in the AIA extension of the user certificate.