AWS Certificate Manager
API Reference (API Version 2015-12-08)

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.


Updates a certificate. Currently, you can use this function to specify whether to opt in to or out of recording your certificate in a certificate transparency log. For more information, see Opting Out of Certificate Transparency Logging.

Request Syntax

{ "CertificateArn": "string", "Options": { "CertificateTransparencyLoggingPreference": "string" } }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.


In the following list, the required parameters are described first.


ARN of the requested certificate to update. This must be of the form:


Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:[\w+=/,.@-]+:[\w+=/,.@-]+:[\w+=/,.@-]*:[0-9]+:[\w+=,.@-]+(/[\w+=,.@-]+)*

Required: Yes


Use to update the options for your certificate. Currently, you can specify whether to add your certificate to a transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser.

Type: CertificateOptions object

Required: Yes

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.


For information about the errors that are common to all actions, see Common Errors.


The requested Amazon Resource Name (ARN) does not refer to an existing resource.

HTTP Status Code: 400


Processing has reached an invalid state.

HTTP Status Code: 400


An ACM limit has been exceeded.

HTTP Status Code: 400


The specified certificate cannot be found in the caller's account or the caller's account cannot be found.

HTTP Status Code: 400



Sample Request

POST / HTTP/1.1 Accept-Encoding: identity Content-Length: 185 X-Amz-Target: CertificateManager.UpdateCertificateOptions X-Amz-Date: 20180326T222032Z User-Agent: aws-cli/1.14.28 Python/2.7.9 Windows/8 botocore/1.8.32 Content-Type: application/x-amz-json-1.1 Authorization: AWS4-HMAC-SHA256 Credential=key_ID/20151222/us-east-1/acm/aws4_request, SignedHeaders=content-type;host;user-agent;x-amz-date;x-amz-target, Signature=7ec7e70cd614724945545b22bc28296f77803d0c2524573d41c994668f07f435 { "CertificateArn": "arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012", "CertificateOptions": { "CertificateTransparencyLoggingPreference": "DISABLED" } }


Sample Response

HTTP/1.1 200 OK x-amzn-RequestId: e6f55ecb-3143-11e8-af72-0bd5049841d5 Content-Type: application/x-amz-json-1.1 Content-Length: 0 Date: Tue, 22 Dec 2015 17:07:18 GMT

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: