:doc:`Transfer <../../transfer>` / Client / describe_certificate

********************
describe_certificate
********************



.. py:method:: Transfer.Client.describe_certificate(**kwargs)

  

  Describes the certificate that's identified by the ``CertificateId``.

   

  .. note::

    

    Transfer Family automatically publishes a Amazon CloudWatch metric called ``DaysUntilExpiry`` for imported certificates. This metric tracks the number of days until the certificate expires based on the ``InactiveDate``. The metric is available in the ``AWS/Transfer`` namespace and includes the ``CertificateId`` as a dimension.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/transfer-2018-11-05/DescribeCertificate>`_  


  **Request Syntax**
  ::

    response = client.describe_certificate(
        CertificateId='string'
    )
    
  :type CertificateId: string
  :param CertificateId: **[REQUIRED]** 

    An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'Certificate': {
              'Arn': 'string',
              'CertificateId': 'string',
              'Usage': 'SIGNING'|'ENCRYPTION'|'TLS',
              'Status': 'ACTIVE'|'PENDING_ROTATION'|'INACTIVE',
              'Certificate': 'string',
              'CertificateChain': 'string',
              'ActiveDate': datetime(2015, 1, 1),
              'InactiveDate': datetime(2015, 1, 1),
              'Serial': 'string',
              'NotBeforeDate': datetime(2015, 1, 1),
              'NotAfterDate': datetime(2015, 1, 1),
              'Type': 'CERTIFICATE'|'CERTIFICATE_WITH_PRIVATE_KEY',
              'Description': 'string',
              'Tags': [
                  {
                      'Key': 'string',
                      'Value': 'string'
                  },
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **Certificate** *(dict) --* 

        The details for the specified certificate, returned as an object.

        
        

        - **Arn** *(string) --* 

          The unique Amazon Resource Name (ARN) for the certificate.

          
        

        - **CertificateId** *(string) --* 

          An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.

          
        

        - **Usage** *(string) --* 

          Specifies how this certificate is used. It can be used in the following ways:

           

          
          * ``SIGNING``: For signing AS2 messages
           
          * ``ENCRYPTION``: For encrypting AS2 messages
           
          * ``TLS``: For securing AS2 communications sent over HTTPS
          

          
        

        - **Status** *(string) --* 

          A certificate's status can be either ``ACTIVE`` or ``INACTIVE``.

           

          You can set ``ActiveDate`` and ``InactiveDate`` in the ``UpdateCertificate`` call. If you set values for these parameters, those values are used to determine whether the certificate has a status of ``ACTIVE`` or ``INACTIVE``.

           

          If you don't set values for ``ActiveDate`` and ``InactiveDate``, we use the ``NotBefore`` and ``NotAfter`` date as specified on the X509 certificate to determine when a certificate is active and when it is inactive.

          
        

        - **Certificate** *(string) --* 

          The file name for the certificate.

          
        

        - **CertificateChain** *(string) --* 

          The list of certificates that make up the chain for the certificate.

          
        

        - **ActiveDate** *(datetime) --* 

          An optional date that specifies when the certificate becomes active. If you do not specify a value, ``ActiveDate`` takes the same value as ``NotBeforeDate``, which is specified by the CA.

          
        

        - **InactiveDate** *(datetime) --* 

          An optional date that specifies when the certificate becomes inactive. If you do not specify a value, ``InactiveDate`` takes the same value as ``NotAfterDate``, which is specified by the CA.

          
        

        - **Serial** *(string) --* 

          The serial number for the certificate.

          
        

        - **NotBeforeDate** *(datetime) --* 

          The earliest date that the certificate is valid.

          
        

        - **NotAfterDate** *(datetime) --* 

          The final date that the certificate is valid.

          
        

        - **Type** *(string) --* 

          If a private key has been specified for the certificate, its type is ``CERTIFICATE_WITH_PRIVATE_KEY``. If there is no private key, the type is ``CERTIFICATE``.

          
        

        - **Description** *(string) --* 

          The name or description that's used to identity the certificate.

          
        

        - **Tags** *(list) --* 

          Key-value pairs that can be used to group and search for certificates.

          
          

          - *(dict) --* 

            Creates a key-value pair for a specific resource. Tags are metadata that you can use to search for and group a resource for various purposes. You can apply tags to servers, users, and roles. A tag key can take more than one value. For example, to group servers for accounting purposes, you might create a tag called ``Group`` and assign the values ``Research`` and ``Accounting`` to that group.

            
            

            - **Key** *(string) --* 

              The name assigned to the tag that you create.

              
            

            - **Value** *(string) --* 

              Contains one or more values that you assigned to the key name you create.

              
        
      
    
  
  **Exceptions**
  
  *   :py:class:`Transfer.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`Transfer.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`Transfer.Client.exceptions.InternalServiceError`

  
  *   :py:class:`Transfer.Client.exceptions.ServiceUnavailableException`

  