This topic provides an example on how to query the application status of a domain validated (DV) certificate by calling an API operation.
View API documentation
To query the application status of a DV certificate, call the DescribeCertificateState operation. For more information, see List of operations by function. For more information about the data and permissions that are required to call this operation, see API documentation.
Create a RAM user and grant permissions to the RAM user
Identities
You can call this operation by using an Alibaba Cloud account, a Resource Access Management (RAM) user, or a RAM role. For more information about the differences between identities, see Overview. In this topic, a RAM user is used as an example.
You can log on to the RAM console, create a RAM user and grant only the permissions to call operations to the RAM user, and then record the AccessKey pair. For more information, see Create a RAM user.
Authorization
Go to the Users page of the RAM console. Find the RAM user that you want to manage and click Add Permissions in the Actions column.
In the Policy section, select the AliyunYundunCertFullAccess policy, and click Grant permissions to complete the authorization. The policy includes the permission to manage Certificate Management Service resources.
Credentials
By default, an AccessKey pair is generated when you create a RAM user. You can also go to the details page of the RAM user. On the Authentication tab, click Create AccessKey to create an AccessKey pair. For more information, see Create an AccessKey pair.
Call the operation
The following example shows how to call the operation in Java.
Prepare a Java environment
Prerequisites
Java Development Kit (JDK) 1.8 or later is downloaded and installed. To download the required JDK version, go to the Java Downloads page on the Oracle official website.
IntelliJ IDEA is downloaded and installed. To download IntelliJ IDEA, visit the IntelliJ IDEA official website.
Check the JDK version
Run the java -version
command on the terminal to check the JDK version.
Configure environment variables
In this example, environment variables are configured to manage the AccessKey pair. This helps prevent security risks that are caused by hard coding the AccessKey pair into your business code. The method that is used to configure environment variables varies based on the operating system. For more information, see Configure environment variables in Linux, macOS, and Windows.
Install dependencies
SDK dependencies
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>cas20200407</artifactId>
<version>1.0.13</version>
</dependency>
Credential dependencies
We recommend that you use the latest version of Alibaba Cloud Credentials. For more information, visit Credentials.
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>credentials-java</artifactId>
<version>LATEST</version>
</dependency>
Download the sample code
Call the DescribeCertificateState operation in OpenAPI Explorer.
On the Parameters tab, specify the OrderId parameter. The parameter specifies the ID of the certificate application order that you want to query.
Click Download Project to download the sample code package for Java.
Decompress the sample code package on your computer, open IntelliJ IDEA, and then import the extracted project.
Run sample code
Run the Java code in IntelliJ IDEA. You can obtain the following output:
{
"Type": "domain_verify",
"Domain": "www.example.com",
"RecordType": "TXT",
"Certificate": "-----BEGIN CERTIFICATE----- …… -----END CERTIFICATE-----",
"RequestId": "082FAB35-6AB9-4FD5-8750-D36673548E76",
"RecordDomain": "_dnsauth",
"PrivateKey": "-----BEGIN RSA PRIVATE KEY-----…… -----END RSA PRIVATE KEY-----",
"ValidateType": "FILE",
"RecordValue": "20200420000000223erigacv46uhaubchcm0o7spxi7i2isvjq59mlx9lucnkqcy",
"Content": "http://example.com/.well-known/pki-validation/fileauth.txt",
"Uri": "/.well-known/pki-validation/fileauth.txt"
}