- Le plus récent
- Le plus de votes
- La plupart des commentaires
I think the documentation needs to be updated here because it's 100% not possible to use the ACM console like it mentions here: https://docs.aws.amazon.com/acm/latest/userguide/export-private.html to export, or even issue a certificate by a PCA (Private CA) in short-lived certificate mode. This is because when you use the ACM console to request a certificate, the setting of the validity of the certificate is always 13 months. PCAs in short-lived mode can only issue certs up to 7 days which is why you get that error.
Also, the ACM console is for issuing end-entity certificates anyways. I think that in that documentation you posted, it wants to you retrieve the CA certificate of the PCA. This can be done by going to the AWS console -> Private CA -> Select your PrivateCA -> then, look for the CA Certificate Tab. The CA certificate should be there in PEM which you can copy. The reason why I think this is the right ways is because the next step is:
-Publish the CA to Active Directory. Copy the CA private certificate to any <path><file> and run the following commands as a domain administrator.
FYI, the only way to issue end-entity certificates from a PCA in short lived mode is to use the IssueCertificate API. That API is not supported in the console and must be made programmatically / CLI. https://docs.aws.amazon.com/privateca/latest/userguide/PcaIssueCert.html
Contenus pertinents
- demandé il y a 2 ans
- demandé il y a un an
- demandé il y a 11 jours
- AWS OFFICIELA mis à jour il y a 2 mois
- AWS OFFICIELA mis à jour il y a 5 mois
- AWS OFFICIELA mis à jour il y a 2 mois
- AWS OFFICIELA mis à jour il y a 5 mois