List ACM–Managed Certificates
You can use the ACM console or AWS CLI to list the certificates managed by ACM
List Certificates (Console)
Display Certificate Information
Each certificates occupies a row in the console. By default, the following columns are displayed for each certificate:
-
Domain Name – The fully qualified domain name for the certificate.
-
Additional Names – Additional names that are supported by this certificate.
-
Status – Certificate status. This can be any of the following values:
-
Pending validation
-
Issued
-
Inactive
-
Expired
-
Revoked
-
Failed
-
Timed out
-
-
In Use? – Whether the ACM Certificate is actively associated with an AWS service such as Elastic Load Balancing or CloudFront. The value can be No or Yes.
Customize the Console Display
You can select the columns that you want to display by choosing the gear icon
(
) in the upper right corner of the console. You can select from among
the following columns.
List Certificates (CLI)
You can use the list-certificates command to list your ACM-managed certificates.
aws acm list-certificates --max-items 10
The list-certificates command outputs the following information.
{ "CertificateSummaryList": [ { "CertificateArn": "arn:aws:acm:region:account:certificate/123456789012-1234-1234-1234-12345678", "DomainName": "example.com" }, { "CertificateArn": "arn:aws:acm:region:account:certificate/123456789012-1234-1234-1234-12345678", "DomainName": "mydomain.com" } ] }
By default, only certificates that are supported by Services Integrated with AWS Certificate Manager are listed.
That is, only certificates with keyTypes RSA_1024 and RSA_2048
are returned. To see other certificates that you own or control that use a different
algorithm and bit size, use the
--includes parameter as shown in the following example. The parameter allows you to specify
a member of the
Filters structure.
aws acm list-certificates --max-items 10 --includes keyTypes=RSA_4096
