AWS Certificate Manager
User Guide (Version 1.0)

Troubleshoot Certificate Importing Problems

Before you can import a certificate into ACM, you must make sure that the certificate, private key, and certificate chain are all PEM-encoded. You must also ensure that the private key is unencrypted. Your certificates must be similar to the following examples.

Example PEM-encoded certificate

-----BEGIN CERTIFICATE----- Base64-encoded certificate -----END CERTIFICATE-----

Example PEM-encoded, unencrypted private key

-----BEGIN RSA PRIVATE KEY----- Base64-encoded private key -----END RSA PRIVATE KEY-----

Example PEM-encoded certificate chain

A certificate chain contains one or more certificates. The following example contains three certificates, but your certificate chain might contain more or fewer.

-----BEGIN CERTIFICATE----- Base64-encoded certificate -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- Base64-encoded certificate -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- Base64-encoded certificate -----END CERTIFICATE-----