Chilkat Online Tools

CreateCertificateAuthority Python Example

AWS Private CA

import sys
import chilkat2

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

rest = chilkat2.Rest()

authAws = chilkat2.AuthAws()
authAws.AccessKey = "AWS_ACCESS_KEY"
authAws.SecretKey = "AWS_SECRET_KEY"

# Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
authAws.Region = "us-west-2"
authAws.ServiceName = "acm-pca"
# SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
rest.SetAuthAws(authAws)

# URL: https://acm-pca.us-west-2.amazonaws.com/
# Use the same region as specified above.
success = rest.Connect("acm-pca.us-west-2.amazonaws.com",443,True,True)
if (success != True):
    print("ConnectFailReason: " + str(rest.ConnectFailReason))
    print(rest.LastErrorText)
    sys.exit()

# The following code creates the JSON request body.
# The JSON created by this code is shown below.

# Use this online tool to generate code from sample JSON:
# Generate Code to Create JSON

json = chilkat2.JsonObject()
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.CRLSign",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.DataEncipherment",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.DecipherOnly",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.DigitalSignature",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.EncipherOnly",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.KeyAgreement",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.KeyCertSign",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.KeyEncipherment",123)
json.UpdateInt("CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.NonRepudiation",123)
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.CommonName","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Country","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.DistinguishedNameQualifier","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.GenerationQualifier","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.GivenName","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Initials","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Locality","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Organization","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.OrganizationalUnit","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Pseudonym","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.SerialNumber","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.State","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Surname","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Title","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DnsName","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.EdiPartyName.NameAssigner","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.EdiPartyName.PartyName","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.IpAddress","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.OtherName.TypeId","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.OtherName.Value","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.RegisteredId","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.Rfc822Name","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.UniformResourceIdentifier","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessMethod.AccessMethodType","string")
json.UpdateString("CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessMethod.CustomObjectIdentifier","string")
json.UpdateString("CertificateAuthorityConfiguration.KeyAlgorithm","string")
json.UpdateString("CertificateAuthorityConfiguration.SigningAlgorithm","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.CommonName","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.Country","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.DistinguishedNameQualifier","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.GenerationQualifier","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.GivenName","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.Initials","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.Locality","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.Organization","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.OrganizationalUnit","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.Pseudonym","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.SerialNumber","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.State","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.Surname","string")
json.UpdateString("CertificateAuthorityConfiguration.Subject.Title","string")
json.UpdateString("CertificateAuthorityType","string")
json.UpdateString("IdempotencyToken","string")
json.UpdateString("KeyStorageSecurityStandard","string")
json.UpdateString("RevocationConfiguration.CrlConfiguration.CustomCname","string")
json.UpdateInt("RevocationConfiguration.CrlConfiguration.Enabled",123)
json.UpdateInt("RevocationConfiguration.CrlConfiguration.ExpirationInDays",123)
json.UpdateString("RevocationConfiguration.CrlConfiguration.S3BucketName","string")
json.UpdateString("RevocationConfiguration.CrlConfiguration.S3ObjectAcl","string")
json.UpdateInt("RevocationConfiguration.OcspConfiguration.Enabled",123)
json.UpdateString("RevocationConfiguration.OcspConfiguration.OcspCustomCname","string")
json.UpdateString("Tags[0].Key","string")
json.UpdateString("Tags[0].Value","string")

# The JSON request body created by the above code:

# {
#   "CertificateAuthorityConfiguration": {
#     "CsrExtensions": {
#       "KeyUsage": {
#         "CRLSign": boolean,
#         "DataEncipherment": boolean,
#         "DecipherOnly": boolean,
#         "DigitalSignature": boolean,
#         "EncipherOnly": boolean,
#         "KeyAgreement": boolean,
#         "KeyCertSign": boolean,
#         "KeyEncipherment": boolean,
#         "NonRepudiation": boolean
#       },
#       "SubjectInformationAccess": [
#         {
#           "AccessLocation": {
#             "DirectoryName": {
#               "CommonName": "string",
#               "Country": "string",
#               "DistinguishedNameQualifier": "string",
#               "GenerationQualifier": "string",
#               "GivenName": "string",
#               "Initials": "string",
#               "Locality": "string",
#               "Organization": "string",
#               "OrganizationalUnit": "string",
#               "Pseudonym": "string",
#               "SerialNumber": "string",
#               "State": "string",
#               "Surname": "string",
#               "Title": "string"
#             },
#             "DnsName": "string",
#             "EdiPartyName": {
#               "NameAssigner": "string",
#               "PartyName": "string"
#             },
#             "IpAddress": "string",
#             "OtherName": {
#               "TypeId": "string",
#               "Value": "string"
#             },
#             "RegisteredId": "string",
#             "Rfc822Name": "string",
#             "UniformResourceIdentifier": "string"
#           },
#           "AccessMethod": {
#             "AccessMethodType": "string",
#             "CustomObjectIdentifier": "string"
#           }
#         }
#       ]
#     },
#     "KeyAlgorithm": "string",
#     "SigningAlgorithm": "string",
#     "Subject": {
#       "CommonName": "string",
#       "Country": "string",
#       "DistinguishedNameQualifier": "string",
#       "GenerationQualifier": "string",
#       "GivenName": "string",
#       "Initials": "string",
#       "Locality": "string",
#       "Organization": "string",
#       "OrganizationalUnit": "string",
#       "Pseudonym": "string",
#       "SerialNumber": "string",
#       "State": "string",
#       "Surname": "string",
#       "Title": "string"
#     }
#   },
#   "CertificateAuthorityType": "string",
#   "IdempotencyToken": "string",
#   "KeyStorageSecurityStandard": "string",
#   "RevocationConfiguration": {
#     "CrlConfiguration": {
#       "CustomCname": "string",
#       "Enabled": boolean,
#       "ExpirationInDays": number,
#       "S3BucketName": "string",
#       "S3ObjectAcl": "string"
#     },
#     "OcspConfiguration": {
#       "Enabled": boolean,
#       "OcspCustomCname": "string"
#     }
#   },
#   "Tags": [
#     {
#       "Key": "string",
#       "Value": "string"
#     }
#   ]
# }

rest.AddHeader("Content-Type","application/x-amz-json-1.1")
rest.AddHeader("X-Amz-Target","ACMPrivateCA.CreateCertificateAuthority")

sbRequestBody = chilkat2.StringBuilder()
json.EmitSb(sbRequestBody)
sbResponseBody = chilkat2.StringBuilder()
success = rest.FullRequestSb("POST","/",sbRequestBody,sbResponseBody)
if (success != True):
    print(rest.LastErrorText)
    sys.exit()

respStatusCode = rest.ResponseStatusCode
print("response status code = " + str(respStatusCode))
if (respStatusCode != 200):
    print("Response Header:")
    print(rest.ResponseHeader)
    print("Response Body:")
    print(sbResponseBody.GetAsString())
    sys.exit()

jResp = chilkat2.JsonObject()
jResp.LoadSb(sbResponseBody)

# The following code parses the JSON response.
# A sample JSON response is shown below the sample code.

# Use this online tool to generate parsing code from sample JSON:
# Generate Parsing Code from JSON

CertificateAuthorityArn = jResp.StringOf("CertificateAuthorityArn")

# A sample JSON response body parsed by the above code:

# {
#   "CertificateAuthorityArn": "string"
# }