:doc:`DatabaseMigrationService <../../dms>` / Client / describe_certificates

*********************
describe_certificates
*********************



.. py:method:: DatabaseMigrationService.Client.describe_certificates(**kwargs)

  

  Provides a description of the certificate.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/dms-2016-01-01/DescribeCertificates>`_  


  **Request Syntax**
  ::

    response = client.describe_certificates(
        Filters=[
            {
                'Name': 'string',
                'Values': [
                    'string',
                ]
            },
        ],
        MaxRecords=123,
        Marker='string'
    )
    
  :type Filters: list
  :param Filters: 

    Filters applied to the certificates described in the form of key-value pairs. Valid values are ``certificate-arn`` and ``certificate-id``.

    

  
    - *(dict) --* 

      Identifies the name and value of a filter object. This filter is used to limit the number and type of DMS objects that are returned for a particular ``Describe*`` call or similar operation. Filters are used as an optional parameter for certain API operations.

      

    
      - **Name** *(string) --* **[REQUIRED]** 

        The name of the filter as specified for a ``Describe*`` or similar operation.

        

      
      - **Values** *(list) --* **[REQUIRED]** 

        The filter value, which can specify one or more values used to narrow the returned results.

        

      
        - *(string) --* 

        
    
    

  :type MaxRecords: integer
  :param MaxRecords: 

    The maximum number of records to include in the response. If more records exist than the specified ``MaxRecords`` value, a pagination token called a marker is included in the response so that the remaining results can be retrieved.

     

    Default: 10

    

  
  :type Marker: string
  :param Marker: 

    An optional pagination token provided by a previous request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by ``MaxRecords``.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'Marker': 'string',
          'Certificates': [
              {
                  'CertificateIdentifier': 'string',
                  'CertificateCreationDate': datetime(2015, 1, 1),
                  'CertificatePem': 'string',
                  'CertificateWallet': b'bytes',
                  'CertificateArn': 'string',
                  'CertificateOwner': 'string',
                  'ValidFromDate': datetime(2015, 1, 1),
                  'ValidToDate': datetime(2015, 1, 1),
                  'SigningAlgorithm': 'string',
                  'KeyLength': 123,
                  'KmsKeyId': 'string'
              },
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **Marker** *(string) --* 

        The pagination token.

        
      

      - **Certificates** *(list) --* 

        The Secure Sockets Layer (SSL) certificates associated with the replication instance.

        
        

        - *(dict) --* 

          The SSL certificate that can be used to encrypt connections between the endpoints and the replication instance.

          
          

          - **CertificateIdentifier** *(string) --* 

            A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.

            
          

          - **CertificateCreationDate** *(datetime) --* 

            The date that the certificate was created.

            
          

          - **CertificatePem** *(string) --* 

            The contents of a ``.pem`` file, which contains an X.509 certificate.

            
          

          - **CertificateWallet** *(bytes) --* 

            The location of an imported Oracle Wallet certificate for use with SSL. Example: ``filebase64("${path.root}/rds-ca-2019-root.sso")``

            
          

          - **CertificateArn** *(string) --* 

            The Amazon Resource Name (ARN) for the certificate.

            
          

          - **CertificateOwner** *(string) --* 

            The owner of the certificate.

            
          

          - **ValidFromDate** *(datetime) --* 

            The beginning date that the certificate is valid.

            
          

          - **ValidToDate** *(datetime) --* 

            The final date that the certificate is valid.

            
          

          - **SigningAlgorithm** *(string) --* 

            The signing algorithm for the certificate.

            
          

          - **KeyLength** *(integer) --* 

            The key length of the cryptographic algorithm being used.

            
          

          - **KmsKeyId** *(string) --* 

            An KMS key identifier that is used to encrypt the certificate.

             

            If you don't specify a value for the ``KmsKeyId`` parameter, then DMS uses your default encryption key.

             

            KMS creates the default encryption key for your Amazon Web Services account. Your Amazon Web Services account has a different default encryption key for each Amazon Web Services Region.

            
      
    
  
  **Exceptions**
  
  *   :py:class:`DatabaseMigrationService.Client.exceptions.ResourceNotFoundFault`

  

  **Examples**

  Provides a description of the certificate.
  ::

    response = client.describe_certificates(
        Filters=[
            {
                'Name': 'string',
                'Values': [
                    'string',
                    'string',
                ],
            },
        ],
        Marker='',
        MaxRecords=123,
    )
    
    print(response)

  
  Expected Output:
  ::

    {
        'Certificates': [
        ],
        'Marker': '',
        'ResponseMetadata': {
            '...': '...',
        },
    }

  