There are more AWS SDK examples available in the AWS Doc SDK Examples
Use ListCertificates
with an AWS SDK or CLI
The following code examples show how to use ListCertificates
.
Action examples are code excerpts from larger programs and must be run in context. You can see this action in context in the following code example:
- .NET
-
- AWS SDK for .NET
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository
. using System; using System.Threading.Tasks; using Amazon; using Amazon.CertificateManager; using Amazon.CertificateManager.Model; namespace ListCertificates { // The following example retrieves and displays a list of the // certificates defined for the default account using the AWS // Certificate Manager (ACM) service. class ListCertificates { // Specify your AWS Region (an example Region is shown). private static readonly RegionEndpoint ACMRegion = RegionEndpoint.USEast1; private static AmazonCertificateManagerClient _client; static void Main(string[] args) { _client = new AmazonCertificateManagerClient(ACMRegion); var certificateList = ListCertificatesResponseAsync(client: _client); Console.WriteLine("Certificate Summary List\n"); foreach (var certificate in certificateList.Result.CertificateSummaryList) { Console.WriteLine($"Certificate Domain: {certificate.DomainName}"); Console.WriteLine($"Certificate ARN: {certificate.CertificateArn}\n"); } } /// <summary> /// Retrieves a list of the certificates defined in this Region. /// </summary> /// <param name="client">The ACM client object passed to the /// ListCertificateResAsync method call.</param> /// <param name="request"></param> /// <returns>The ListCertificatesResponse.</returns> static async Task<ListCertificatesResponse> ListCertificatesResponseAsync( AmazonCertificateManagerClient client) { var request = new ListCertificatesRequest(); var response = await client.ListCertificatesAsync(request); return response; } } }
-
For API details, see ListCertificates in AWS SDK for .NET API Reference.
-
- C++
-
- SDK for C++
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository
. //! List the AWS Certificate Manager (ACM) certificates in an account. /*! \param clientConfiguration: AWS client configuration. \return bool: Function succeeded. */ bool AwsDoc::ACM::listCertificates( const Aws::Client::ClientConfiguration &clientConfiguration) { Aws::ACM::ACMClient acmClient(clientConfiguration); Aws::ACM::Model::ListCertificatesRequest request; Aws::Vector<Aws::ACM::Model::CertificateSummary> allCertificates; Aws::String nextToken; do { if (!nextToken.empty()) { request.SetNextToken(nextToken); } Aws::ACM::Model::ListCertificatesOutcome outcome = acmClient.ListCertificates(request); if (!outcome.IsSuccess()) { std::cerr << "Error: ListCertificates: " << outcome.GetError().GetMessage() << std::endl; return false; } else { const Aws::ACM::Model::ListCertificatesResult &result = outcome.GetResult(); const Aws::Vector<Aws::ACM::Model::CertificateSummary> &certificates = result.GetCertificateSummaryList(); allCertificates.insert(allCertificates.end(), certificates.begin(), certificates.end()); nextToken = result.GetNextToken(); } } while (!nextToken.empty()); if (!allCertificates.empty()) { for (const Aws::ACM::Model::CertificateSummary &certificate: allCertificates) { std::cout << "Certificate ARN: " << certificate.GetCertificateArn() << std::endl; std::cout << "Domain name: " << certificate.GetDomainName() << std::endl << std::endl; } } else { std::cout << "No available certificates found in account." << std::endl; } return true; }
-
For API details, see ListCertificates in AWS SDK for C++ API Reference.
-
- CLI
-
- AWS CLI
-
To list the ACM certificates for an AWS account
The following
list-certificates
command lists the ARNs of the certificates in your account:aws acm list-certificates
The preceding command produces output similar to the following:
{ "CertificateSummaryList": [ { "CertificateArn": "arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012", "DomainName": "www.example.com" }, { "CertificateArn": "arn:aws:acm:region:account:certificate/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "DomainName": "www.example.net" } ] }
You can decide how many certificates you want to display each time you call
list-certificates
. For example, if you have four certificates and you want to display no more than two at a time, set themax-items
argument to 2 as in the following example:aws acm list-certificates --max-items
2
Two certificate ARNs and a
NextToken
value will be displayed:"CertificateSummaryList": [ { "CertificateArn": "arn:aws:acm:region:account: \ certificate/12345678-1234-1234-1234-123456789012", "DomainName": "www.example.com" }, { "CertificateArn": "arn:aws:acm:region:account: \ certificate/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "DomainName": "www.example.net" } ], "NextToken": "9f4d9f69-275a-41fe-b58e-2b837bd9ba48"
To display the next two certificates in your account, set this
NextToken
value in your next call:aws acm list-certificates --max-items
2
--next-token9f4d9f69-275a-41fe-b58e-2b837bd9ba48
You can filter your output by using the
certificate-statuses
argument. The following command displays certificates that have a PENDING_VALIDATION status:aws acm list-certificates --certificate-statuses
PENDING_VALIDATION
You can also filter your output by using the
includes
argument. The following command displays certificates filtered on the following properties. The certificates to be displayed:- Specify that the RSA algorithm and a 2048 bit key are used to generate key pairs. - Contain a Key Usage extension that specifies that the certificates can be used to create digital signatures. - Contain an Extended Key Usage extension that specifies that the certificates can be used for code signing. aws acm list-certificates --max-items 10 --includes extendedKeyUsage=CODE_SIGNING,keyUsage=DIGITAL_SIGNATURE,keyTypes=RSA_2048
-
For API details, see ListCertificates
in AWS CLI Command Reference.
-
- Java
-
- SDK for Java 2.x
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository
. /** * Before running this Java V2 code example, set up your development * environment, including your credentials. * <p> * For more information, see the following documentation topic: * <p> * https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class ListCerts { public static void main(String[] args) { listCertificates(); } /** * Lists all the certificates managed by AWS Certificate Manager (ACM) that have a status of "ISSUED". */ public static void listCertificates() { AcmClient acmClient = AcmClient.create(); try { ListCertificatesRequest listRequest = ListCertificatesRequest.builder() .certificateStatuses(CertificateStatus.ISSUED) .maxItems(100) .build(); ListCertificatesIterable listResponse = acmClient.listCertificatesPaginator(listRequest); // Print the certificate details using streams listResponse.certificateSummaryList().stream() .forEach(certificate -> { System.out.println("Certificate ARN: " + certificate.certificateArn()); System.out.println("Certificate Domain Name: " + certificate.domainName()); System.out.println("Certificate Status: " + certificate.statusAsString()); System.out.println("---"); }); } catch (AcmException e) { System.err.println(e.getMessage()); } } }
-
For API details, see ListCertificates in AWS SDK for Java 2.x API Reference.
-
- PowerShell
-
- Tools for PowerShell
-
Example 1: Retrieves a list of all your certificate ARNs and the domain name for each. The cmdlet will automatically paginate to retrieve all the ARNs. To manually control pagination, use the -MaxItem parameter to control how many certificate ARNs are returned for each service call and the -NextToken parameter to indicate the starting point for each call.
Get-ACMCertificateList
Output:
CertificateArn DomainName -------------- ---------- arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012 www.example.com
Example 2: Retrieves a list of all your certificate ARNs where the certificate status matches on the supplied states.
Get-ACMCertificateList -CertificateStatus "VALIDATION_TIMED_OUT","FAILED"
Example 3: This example returns a list of all certificates in the us-east-1 region that have a key type of RSA_2048, and an extended key usage, or purpose, of CODE_SIGNING. You can find the values for these filtering parameters in the ListCertificates Filters API reference topic: https://docs.aws.amazon.com/acm/latest/APIReference/API_Filters.html.
Get-ACMCertificateList -Region us-east-1 -Includes_KeyType RSA_2048 -Includes_ExtendedKeyUsage CODE_SIGNING
Output:
CertificateArn DomainName -------------- ---------- arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-d7c0-48c1-af8d-2133d8f30zzz *.route53docs.com arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-98a5-443d-a734-800430c80zzz nerdzizm.net arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-2be6-4376-8fa7-bad559525zzz arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-e7ca-44c5-803e-24d9f2f36zzz arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-1241-4b71-80b1-090305a62zzz arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-8709-4568-8c64-f94617c99zzz arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-a8fa-4a61-98cf-e08ccc0eezzz arn:aws:acm:us-east-1:8xxxxxxxxxxx:certificate/xxxxxxxx-fa47-40fe-a714-2d277d3eezzz *.route53docs.com
-
For API details, see ListCertificates in AWS Tools for PowerShell Cmdlet Reference.
-
- Python
-
- SDK for Python (Boto3)
-
Note
There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository
. class AcmCertificate: """ Encapsulates ACM functions. """ def __init__(self, acm_client): """ :param acm_client: A Boto3 ACM client. """ self.acm_client = acm_client def list( self, max_items, statuses=None, key_usage=None, extended_key_usage=None, key_types=None, ): """ Lists the certificates for the current account. :param max_items: The maximum number of certificates to list. :param statuses: Filters the results to the specified statuses. If None, all certificates are included. :param key_usage: Filters the results to the specified key usages. If None, all key usages are included. :param extended_key_usage: Filters the results to the specified extended key usages. If None, all extended key usages are included. :param key_types: Filters the results to the specified key types. If None, all key types are included. :return: The list of certificates. """ try: kwargs = {"MaxItems": max_items} if statuses is not None: kwargs["CertificateStatuses"] = statuses includes = {} if key_usage is not None: includes["keyUsage"] = key_usage if extended_key_usage is not None: includes["extendedKeyUsage"] = extended_key_usage if key_types is not None: includes["keyTypes"] = key_types if includes: kwargs["Includes"] = includes response = self.acm_client.list_certificates(**kwargs) certificates = response["CertificateSummaryList"] logger.info("Got %s certificates.", len(certificates)) except ClientError: logger.exception("Couldn't get certificates.") raise else: return certificates
-
For API details, see ListCertificates in AWS SDK for Python (Boto3) API Reference.
-