diff --git a/docs/data-sources/ccm_private_ca_export.md b/docs/data-sources/ccm_private_ca_export.md
new file mode 100644
index 0000000000..d13b22002f
--- /dev/null
+++ b/docs/data-sources/ccm_private_ca_export.md
@@ -0,0 +1,42 @@
+---
+subcategory: "Cloud Certificate Manager (CCM)"
+layout: "huaweicloud"
+page_title: "HuaweiCloud: huaweicloud_ccm_private_ca_export"
+description: |-
+  Use this data source to export a private CA within HuaweiCloud.
+---
+
+# huaweicloud_ccm_private_ca_export
+
+Use this data source to export a private CA within HuaweiCloud.
+
+-> Only CAs in `ACTIVED`, `DISABLED` or `EXPIRED` status support exporting operation.
+
+## Example Usage
+
+```hcl
+variable "ca_id" {}
+
+data "huaweicloud_ccm_private_ca_export" "test" {
+  ca_id = var.ca_id
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `region` - (Optional, String) Specifies the region in which to query the resource.
+  If omitted, the provider-level region will be used.
+
+* `ca_id` - (Required, String) Specifies the ID of the CA you want to export.
+
+## Attribute Reference
+
+In addition to all arguments above, the following attributes are exported:
+
+* `id` - The data source ID.
+
+* `certificate` - The certificate content.
+
+* `certificate_chain` - The content of the certificate chain.
diff --git a/huaweicloud/provider.go b/huaweicloud/provider.go
index 8e03a3b038..0d8deea94a 100644
--- a/huaweicloud/provider.go
+++ b/huaweicloud/provider.go
@@ -496,6 +496,7 @@ func Provider() *schema.Provider {
 			"huaweicloud_ccm_certificates":               ccm.DataSourceCertificates(),
 			"huaweicloud_ccm_certificate_export":         ccm.DataSourceCertificateExport(),
 			"huaweicloud_ccm_private_cas":                ccm.DataSourcePrivateCas(),
+			"huaweicloud_ccm_private_ca_export":          ccm.DataSourcePrivateCaExport(),
 			"huaweicloud_ccm_private_certificates":       ccm.DataSourcePrivateCertificates(),
 			"huaweicloud_ccm_private_certificate_export": ccm.DataSourceCcmPrivateCertificateExport(),
 
diff --git a/huaweicloud/services/acceptance/ccm/data_source_huaweicloud_ccm_private_ca_export_test.go b/huaweicloud/services/acceptance/ccm/data_source_huaweicloud_ccm_private_ca_export_test.go
new file mode 100644
index 0000000000..530d8a41e7
--- /dev/null
+++ b/huaweicloud/services/acceptance/ccm/data_source_huaweicloud_ccm_private_ca_export_test.go
@@ -0,0 +1,44 @@
+package ccm
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/services/acceptance"
+)
+
+func TestAccDataSourcePrivateCaExport_basic(t *testing.T) {
+	var (
+		dataSource = "data.huaweicloud_ccm_private_ca_export.test"
+		rName      = acceptance.RandomAccResourceName()
+		dc         = acceptance.InitDataSourceCheck(dataSource)
+	)
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck: func() {
+			acceptance.TestAccPreCheck(t)
+		},
+		ProviderFactories: acceptance.TestAccProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testDataSourceDataSourcePrivateCaExport_basic(rName),
+				Check: resource.ComposeTestCheckFunc(
+					dc.CheckResourceExists(),
+					resource.TestCheckResourceAttrSet(dataSource, "certificate"),
+				),
+			},
+		},
+	})
+}
+
+func testDataSourceDataSourcePrivateCaExport_basic(name string) string {
+	return fmt.Sprintf(`
+%s
+
+data "huaweicloud_ccm_private_ca_export" "test" {
+  ca_id = huaweicloud_ccm_private_ca.test_root.id
+}
+`, tesPrivateCA_base(name))
+}
diff --git a/huaweicloud/services/ccm/data_source_huaweicloud_ccm_private_ca_export.go b/huaweicloud/services/ccm/data_source_huaweicloud_ccm_private_ca_export.go
new file mode 100644
index 0000000000..8447a699ab
--- /dev/null
+++ b/huaweicloud/services/ccm/data_source_huaweicloud_ccm_private_ca_export.go
@@ -0,0 +1,106 @@
+// Generated by PMS #277
+package ccm
+
+import (
+	"context"
+	"strings"
+
+	"github.com/hashicorp/go-multierror"
+	"github.com/hashicorp/go-uuid"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/tidwall/gjson"
+
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/config"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/helper/httphelper"
+	"github.com/huaweicloud/terraform-provider-huaweicloud/huaweicloud/helper/schemas"
+)
+
+func DataSourcePrivateCaExport() *schema.Resource {
+	return &schema.Resource{
+		ReadContext: dataSourcePrivateCaExportRead,
+
+		Schema: map[string]*schema.Schema{
+			"region": {
+				Type:        schema.TypeString,
+				Optional:    true,
+				Computed:    true,
+				Description: `Specifies the region in which to query the resource. If omitted, the provider-level region will be used.`,
+			},
+			"ca_id": {
+				Type:        schema.TypeString,
+				Required:    true,
+				Description: `Specifies the ID of the CA certificate you want to export.`,
+			},
+			"certificate": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: `The certificate content.`,
+			},
+			"certificate_chain": {
+				Type:        schema.TypeString,
+				Computed:    true,
+				Description: `The content of the certificate chain.`,
+			},
+		},
+	}
+}
+
+type PrivateCaExportDSWrapper struct {
+	*schemas.ResourceDataWrapper
+	Config *config.Config
+}
+
+func newPrivateCaExportDSWrapper(d *schema.ResourceData, meta interface{}) *PrivateCaExportDSWrapper {
+	return &PrivateCaExportDSWrapper{
+		ResourceDataWrapper: schemas.NewSchemaWrapper(d),
+		Config:              meta.(*config.Config),
+	}
+}
+
+func dataSourcePrivateCaExportRead(_ context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+	wrapper := newPrivateCaExportDSWrapper(d, meta)
+	expCerAutCerRst, err := wrapper.ExportCertificateAuthorityCertificate()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	id, err := uuid.GenerateUUID()
+	if err != nil {
+		return diag.FromErr(err)
+	}
+	d.SetId(id)
+
+	err = wrapper.exportCertificateAuthorityCertificateToSchema(expCerAutCerRst)
+	if err != nil {
+		return diag.FromErr(err)
+	}
+
+	return nil
+}
+
+// @API CCM POST /v1/private-certificate-authorities/{ca_id}/export
+func (w *PrivateCaExportDSWrapper) ExportCertificateAuthorityCertificate() (*gjson.Result, error) {
+	client, err := w.NewClient(w.Config, "ccm")
+	if err != nil {
+		return nil, err
+	}
+
+	uri := "/v1/private-certificate-authorities/{ca_id}/export"
+	uri = strings.ReplaceAll(uri, "{ca_id}", w.Get("ca_id").(string))
+	return httphelper.New(client).
+		Method("POST").
+		URI(uri).
+		Request().
+		Result()
+}
+
+func (w *PrivateCaExportDSWrapper) exportCertificateAuthorityCertificateToSchema(body *gjson.Result) error {
+	d := w.ResourceData
+	mErr := multierror.Append(nil,
+		d.Set("region", w.Config.GetRegion(w.ResourceData)),
+		d.Set("certificate", body.Get("certificate").Value()),
+		d.Set("certificate_chain", body.Get("certificate_chain").Value()),
+	)
+	return mErr.ErrorOrNil()
+}