Listing certificates managed by ACM - AWS Certificate Manager

Listing certificates managed by ACM

You can use the ACM console or AWS CLI to list the certificates managed by ACM.

Note

If you manage 100 or more certificates, we recommend using the AWS CLI option.

To list your certificates using the console

  1. Open the ACM console at https://console.aws.amazon.com/acm/.

  2. Review the information in the table. Each certificate occupies a row with the following columns displayed by default for each certificate:

  • Domain Name – The fully qualified domain name (FQDN) for the certificate.

  • Additional Names – Additional names that are supported by this certificate.

  • Status – Certificate status. This can be any of the following values:

    • Pending validation

    • Issued

    • Inactive

    • Expired

    • Revoked

    • Failed

    • Timed out

  • In Use? – Whether the ACM certificate is actively associated with an AWS service such as Elastic Load Balancing or CloudFront. The value can be No or Yes.

Note

You can select the columns that you want to display by choosing the gear icon in the upper-right corner of the console.

To list your certificates using the AWS CLI

Use the list-certificates command to list your ACM-managed certificates as shown in the following example:

$ aws acm list-certificates --max-items 10

The command returns information similar to the following:

{ "CertificateSummaryList": [ { "CertificateArn": "arn:aws:acm:region:account:certificate/certificate_ID_1", "DomainName": "example.com" }, { "CertificateArn": "arn:aws:acm:region:account:certificate/certificate_ID_2", "DomainName": "mydomain.com" } ] }

By default, only certificates with keyTypes RSA_1024 or RSA_2048 and with at least one specified domain are returned. To see other certificates that you control, such as domainless certificates or certificates using a different algorithm or bit size, provide the --includes parameter as shown in the following example. The parameter allows you to specify a member of the Filters structure.

$ aws acm list-certificates --max-items 10 --includes keyTypes=RSA_4096