[英]Import certificate in AWS ACM using python
我正在使用 python 將 openssl 證書導入 AWS ACM。 我總是得到一個錯誤:
Response:
{
"errorMessage": "An error occurred (ValidationException) when calling the ImportCertificate operation: The certificate field contains more than one certificate. You can specify only one certificate in this field.",
"errorType": "ClientError",
"stackTrace": [
" File \"/var/task/lambda_function.py\", line 7, in lambda_handler\n response = client.import_certificate(\n",
" File \"/var/runtime/botocore/client.py\", line 316, in _api_call\n return self._make_api_call(operation_name, kwargs)\n",
" File \"/var/runtime/botocore/client.py\", line 626, in _make_api_call\n raise error_class(parsed_response, operation_name)\n"
]
}
這是我的代碼:
import boto3
client = boto3.client('acm')
def lambda_handler(event, context):
response = client.import_certificate(
Certificate='sample.vpn.crt',
PrivateKey='sample.vpn.key',
CertificateChain='ca.crt'
)
任何幫助,將不勝感激。
如boto3 文檔中所述,三個參數的類型不應該是字符串,而是字節。 對我來說,訣竅是從 package 中讀取證書文件,如下所示:
import boto3
client = boto3.client('acm')
def lambda_handler(event, context):
certificate=open('sample.vpn.crt', 'rb').read()
privatekey=open('sample.vpn.key', 'rb').read()
chain=open('ca.crt', 'rb').read()
response = client.import_certificate(
Certificate=certificate,
PrivateKey=privatekey,
CertificateChain=chain
)
不幸的是,在這種情況下,錯誤消息有點誤導。 如果您仍然收到相同的錯誤消息,請確保您的證書文件具有 ACM 要求的格式。 您可以通過嘗試使用 ACM 控制台導入證書來進行測試。 如果您收到相同的錯誤,請按照 AWS 在此故障排除頁面上提供的步驟進行操作。
發生錯誤是因為您應該傳遞證書的值,而不是文件名:
CertificateArn='string',
Certificate=b'bytes',
PrivateKey=b'bytes',
因此,您可以嘗試以下方法:
with open('sample.vpn.pem','r') as f:
crt = f.read()
with open('sample.vpn.pem','rb') as f:
key = f.read()
with open('ca.crt','rb') as f:
chain = f.read()
response = client.import_certificate(
Certificate=crt,
PrivateKey=key,
CertificateChain=chain)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.