AWS Certificate Manager
User Guide (Version 1.0)

Reimport a Certificate

If you imported a certificate and associated it with other AWS services, you can reimport that certificate before it expires while preserving the AWS service associations of the original certificate. For more information about AWS services integrated with ACM, see Services Integrated with AWS Certificate Manager.

Reimporting Using the Console

The following example shows how to reimport a certificate using the AWS Management Console.

  1. Open the ACM console at

  2. Select or expand the certificate to reimport.

  3. Open the details pane of the certificate and choose the Reimport certificate button. If you selected the certificate by checking the box beside its name, choose Reimport certificate on the Actions menu.

  4. For Certificate body, paste the PEM-encoded end-entity certificate.

  5. For Certificate private key, paste the unencrypted PEM-encoded private key associated with the certificate's public key.

  6. (Optional) For Certificate chain, paste the PEM-encoded certificate chain. The certificate chain includes the end-entity certificate, zero or more certificates for all intermediate issuing certification authorities, and the root certificate.

  7. Choose Review and import.

  8. Review the information about your certificate. If there are no errors, choose Reimport.

Reimporting Using the AWS CLI

The following example shows how to reimport a certificate using the AWS Command Line Interface (AWS CLI). The example assumes the following:

  • The PEM-encoded certificate is stored in a file named Certificate.pem.

  • The PEM-encoded certificate chain is stored in a file named CertificateChain.pem.

  • The PEM-encoded, unencrypted private key is stored in a file named PrivateKey.pem.

  • You have the ARN of the certificate you want to reimport.

To use the following example, replace the file names and the ARN with your own and type the command on one continuous line. The following example includes line breaks and extra spaces to make it easier to read.


To reimport a certificate, you must specify the certificate ARN.

$ aws acm import-certificate --certificate-arn "arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012" --certificate file://Certificate.pem --certificate-chain file://CertificateChain.pem --private-key file://PrivateKey.pem --certificate-arn arn:aws:iam::123456789012:certificate/TestCert

If the import-certificate command is successful, it returns the Amazon Resource Name (ARN) of the certificate.