aws中AcmClient.describeCertificate返回值中没有ResourceRecord

我有一个需求,就是让用户自己把自己的域名绑定我们的提供的AWS服务器。

AWS需要验证证书 上一篇文章中我用php的AcmClient中的requestCertificate方法申请到了证书。

   $acmClient = new AcmClient([
            'region' => 'us-east-1',
            'version' => '2015-12-08',
            'credentials'=>[
                // 'id'=>"851725259723",
                'key'=>"AKIA4MTWICPFTJEVQ25E",
                "secret"=>"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"
            ]
            
        ]);
        

        $subdomainName = "";

        // 使用 mt_rand() 生成随机数
        $randomNumber = mt_rand(1000, 99999);
 
        $result = $acmClient->requestCertificate([
            'DomainName' =>"$domainName",  
     
            'ValidationMethod' => 'DNS',
            ''
        ]);

        $acm_certificate = $result->get("CertificateArn");

开始我以为返回的这个 arn:aws:acm:us-east-1:851725259723:certificate\/b59ed66e-edce-40da-8ed7-2f69f535ccc6 就可以配置在域名解析上。当我填上去的时候发现报错了

原来要填的不是这个。

后来我在AWS的后台证书上发现,原来证书里有一个domain。通常我们如果是自己来绑定域名,到后台来复制过去,然后去到域名服务商那里填写信息解析域名就可以了。

但是我们的需求是,通过Api获取到CNAME等信息,通过接口返回给用户,让用户自己去绑定域名。

第一步通过Api接口 requestCertificate方法申请证书是成功了,但是requestCertificate的返回里没有我们要的CNAME信息。

通过查看文档,发现describeCertificate方法返回了我要的东西。ResourceRecord里面包含的就是。https://docs.aws.amazon.com/zh_cn/acm/latest/APIReference/API_DescribeCertificate.html

于是我写好了调用方法:

       // echo $acm_certificate;
            $certificate_detail = $acmClient->describeCertificate(
                [
                    "CertificateArn"=> $acm_certificate
                ],
            );

返回值是这样的:

Model Data
----------
Data can be retrieved from the model object using the get() method of the
model (e.g., `$result->get($key)`) or "accessing the result like an
associative array (e.g. `$result['key']`). You can also execute JMESPath
expressions on the result data using the search() method.

{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-1:851725259723:certificate\/b59ed66e-edce-40da-8ed7-2f69f535ccc6",
        "DomainName": "sdafsdfsd.com",
        "SubjectAlternativeNames": [
            "sdafsdfsd.com"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "sdafsdfsd.com",
                "ValidationDomain": "sdafsdfsd.com",
                "ValidationStatus": "PENDING_VALIDATION",
                "ValidationMethod": "DNS"
            }
        ],
        "Subject": "CN=sdafsdfsd.com",
        "Issuer": "Amazon",
        "CreatedAt": "2024-11-13T06:26:15+00:00",
        "Status": "PENDING_VALIDATION",
        "KeyAlgorithm": "RSA-2048",
        "SignatureAlgorithm": "SHA256WITHRSA",
        "InUseBy": [],
        "Type": "AMAZON_ISSUED",
        "KeyUsages": [],
        "ExtendedKeyUsages": [],
        "RenewalEligibility": "INELIGIBLE",
        "Options": {
            "CertificateTransparencyLoggingPreference": "DISABLED"
        }
    },
    "@metadata": {
        "statusCode": 200,
        "effectiveUri": "https:\/\/acm.us-east-1.amazonaws.com",
        "headers": {
            "x-amzn-requestid": "dc2eafd9-f2d0-4ec5-b712-3f863878b1ab",
            "content-type": "application\/x-amz-json-1.1",
            "content-length": "695",
            "date": "Wed, 13 Nov 2024 06:26:17 GMT",
            "connection": "close"
        },
        "transferStats": {
            "http": [
                []
            ]
        }
    }
}

文档上明明说会返回这个值,但我实际结果里面没有。怎么办?我到处搜索,找客服还要花钱。没办法,继续折腾。偶然一次,发现去掉"IdempotencyToken",这个动态随机参数时,我重复点击请求我写的接口(里面包含有requestCertificate和describeCertificate这两个操作),突然有一次返回的结果里面有ResourceRecord。

Model Data
----------
Data can be retrieved from the model object using the get() method of the
model (e.g., `$result->get($key)`) or "accessing the result like an
associative array (e.g. `$result['key']`). You can also execute JMESPath
expressions on the result data using the search() method.

{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-1:851725259723:certificate\/36323e6b-44b0-4319-a89c-554f83b4903d",
        "DomainName": "dddddddseeddeessssssseee.com",
        "SubjectAlternativeNames": [
            "dddddddseeddeessssssseee.com"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "dddddddseeddeessssssseee.com",
                "ValidationDomain": "dddddddseeddeessssssseee.com",
                "ValidationStatus": "PENDING_VALIDATION",
                "ResourceRecord": {
                    "Name": "_aed5251d9f13549ea764739a398b8031.dddddddseeddeessssssseee.com.",
                    "Type": "CNAME",
                    "Value": "_3f3f8c3ebb4c32f510b21bbee66da88e.djqtsrsxkq.acm-validations.aws."
                },
                "ValidationMethod": "DNS"
            }
        ],
        "Subject": "CN=dddddddseeddeessssssseee.com",
        "Issuer": "Amazon",
        "CreatedAt": "2024-11-13T09:02:12+00:00",
        "Status": "PENDING_VALIDATION",
        "KeyAlgorithm": "RSA-2048",
        "SignatureAlgorithm": "SHA256WITHRSA",
        "InUseBy": [],
        "Type": "AMAZON_ISSUED",
        "KeyUsages": [],
        "ExtendedKeyUsages": [],
        "RenewalEligibility": "INELIGIBLE",
        "Options": {
            "CertificateTransparencyLoggingPreference": "ENABLED"
        }
    },
    "@metadata": {
        "statusCode": 200,
        "effectiveUri": "https:\/\/acm.us-east-1.amazonaws.com",
        "headers": {
            "x-amzn-requestid": "8ba40475-79b0-4a0a-adda-c8a32d9357e4",
            "content-type": "application\/x-amz-json-1.1",
            "content-length": "952",
            "date": "Wed, 13 Nov 2024 09:18:55 GMT",
            "connection": "close"
        },
        "transferStats": {
            "http": [
                []
            ]
        }
    }
}
sss{}

到此我恍然大悟,原来是ResourceRecord要返回的时候还没拿到,需要多次请求。直接返回值里有ResourceRecord为止。

相关推荐
创实信息3 天前
GitHub企业版:AWS CodeCommit迁移的最佳路径与技术优势
git·ci/cd·github·aws·github企业版·aws codecommit
九河云3 天前
《Amazon Bedrock vs ChatGPT:谁更胜一筹?》
人工智能·语言模型·chatgpt·云计算·aws
程序猿进阶4 天前
Spring boot启动原理及相关组件
java·网络·数据库·spring boot·后端·spring·aws
sealaugh324 天前
aws(学习笔记第十八课) 使用aws cdk(python)进行部署
笔记·学习·aws
AutoMQ5 天前
Kafka 迁移 AutoMQ 时 Flink 位点管理的挑战与解决方案
大数据·阿里云·云原生·kafka·云计算·腾讯云·aws·消息·gcp·计算·automq
AutoMQ5 天前
活动预告|云原生创新论坛:知乎携手 AutoMQ、OceanBase、快猫星云的实践分享
大数据·阿里云·云原生·kafka·云计算·腾讯云·aws·消息·gcp·计算·automq
范桂飓7 天前
AWS re:Invent 2024 — AI 基础设施架构
人工智能·架构·aws
九河云7 天前
Amazon Bedrock与AWS服务的无缝集成,如何打造智能化应用
人工智能·云计算·aws
weixin_307779139 天前
AWS云计算问答式知识库系统的实现
python·flask·云计算·fastapi·aws
胡八一9 天前
解决 AWS SDK for Java 连接 S3 文件系统Unable to load an HTTP implementation 问题
java·http·aws