Listing certificates managed by ACM
You can use the ACM console or AWS CLI to list the certificates managed by ACM.
If you manage 100 or more certificates, we recommend using the AWS CLI option.
To list your certificates using the console
-
Open the ACM console at https://console.aws.amazon.com/acm/
. -
Review the information in the table. Each certificate occupies a row with the following columns displayed by default for each certificate:
-
Domain Name – The fully qualified domain name (FQDN) for the certificate.
-
Additional Names – Additional names that are supported by this certificate.
-
Status – Certificate status. This can be any of the following values:
-
Pending validation
-
Issued
-
Inactive
-
Expired
-
Revoked
-
Failed
-
Timed out
-
-
In Use? – Whether the ACM certificate is actively associated with an AWS service such as Elastic Load Balancing or CloudFront. The value can be No or Yes.
You can select the columns that you want to display by choosing the gear icon in the upper-right corner of the console.
To list your certificates using the AWS CLI
Use the list-certificates command to list your ACM-managed certificates as shown in the following example:
$ aws acm list-certificates --max-items 10The command returns information similar to the following:
{
"CertificateSummaryList": [
{
"CertificateArn": "arn:aws:acm:region:account:certificate/certificate_ID_1",
"DomainName": "example.com"
},
{
"CertificateArn": "arn:aws:acm:region:account:certificate/certificate_ID_2",
"DomainName": "mydomain.com"
}
]
}By default, only certificates with keyTypes
RSA_1024 or RSA_2048 and with at least one specified domain
are returned. To see other certificates that you control, such as domainless
certificates or certificates using a different algorithm or bit size, provide the
--includes parameter as shown in the following example. The parameter
allows you to specify a member of the Filters structure.
$ aws acm list-certificates --max-items 10 --includes keyTypes=RSA_4096