AWS Certificate Manager
User Guide (Version 1.0)

List ACM–Managed Certificates

You can use the ACM console or AWS CLI to list the certificates managed by ACM

List Certificates (Console)

Display Certificate Information

Each certificates occupies a row in the console. By default, the following columns are displayed for each certificate:

  • Domain Name – The fully qualified domain name for the certificate.

  • Additional Names – Additional names that are supported by this certificate.

  • Status – Certificate status. This can be any of the following values:

    • Pending validation

    • Issued

    • Inactive

    • Expired

    • Revoked

    • Failed

    • Timed out

  • In Use? – Whether the ACM Certificate is actively associated with an AWS service such as Elastic Load Balancing or CloudFront. The value can be No or Yes.

Customize the Console Display

You can select the columns that you want to display by choosing the gear icon ( ) in the upper right corner of the console. You can select from among the following columns.

    			Certificate columns.

List Certificates (CLI)

You can use the list-certificates command to list your ACM-managed certificates.

aws acm list-certificates --max-items 10

The list-certificates command outputs the following information.

{ "CertificateSummaryList": [ { "CertificateArn": "arn:aws:acm:region:account:certificate/123456789012-1234-1234-1234-12345678", "DomainName": "" }, { "CertificateArn": "arn:aws:acm:region:account:certificate/123456789012-1234-1234-1234-12345678", "DomainName": "" } ] }

By default, only certificates that are supported by Services Integrated with AWS Certificate Manager are listed. That is, only certificates with keyTypes RSA_1024 and RSA_2048 are returned. To see other certificates that you own or control that use a different algorithm and bit size, use the --includes parameter as shown in the following example. The parameter allows you to specify a member of the Filters structure.

aws acm list-certificates --max-items 10 --includes keyTypes=RSA_4096