Importing a certificate - AWS Certificate Manager

Importing a certificate

You can import a certificate into ACM by using the AWS Management Console, the AWS CLI, or the ACM API. The following topics show you how to use the AWS Management Console and the AWS CLI.


The private key of an imported certificate must be no larger than 5 KB (5,120 bytes).

Import (console)

The following example shows how to import a certificate using the AWS Management Console.

  1. Open the ACM console at If this is your first time using ACM, look for the AWS Certificate Manager heading and choose the Get started button under it.

  2. Choose Import a certificate.

  3. Do the following:

    1. For Certificate body, paste the PEM-encoded certificate to import.

    2. For Certificate private key, paste the PEM-encoded, unencrypted private key that matches the certificate's public key.


      Currently, Services integrated with AWS Certificate Manager support only the RSA_1024 and RSA_2048 algorithms.

    3. (Optional) For Certificate chain, paste the PEM-encoded certificate chain.

  4. Choose Review and import.

  5. Review the information about your certificate, then choose Import.

Import (AWS CLI)

The following example shows how to import a certificate using the AWS Command Line Interface (AWS CLI). The example assumes the following:

  • The PEM-encoded certificate is stored in a file named Certificate.pem.

  • The PEM-encoded certificate chain is stored in a file named CertificateChain.pem.

  • The PEM-encoded, unencrypted private key is stored in a file named PrivateKey.pem.

To use the following example, replace the file names with your own and type the command on one continuous line. The following example includes line breaks and extra spaces to make it easier to read.

$ aws acm import-certificate --certificate fileb://Certificate.pem \ --certificate-chain fileb://CertificateChain.pem \ --private-key fileb://PrivateKey.pem

If the import-certificate command is successful, it returns the Amazon Resource Name (ARN) of the imported certificate.