AWS Certificate Manager

We mainly check whether commands can be executed using AWS Cloud9.
If you would like to provide example commands, please submit them using the form below.
Please also provide corrections if the command examples have mistake.

Suggest コメントをキャンセル

Import a self-signed certificate into ACM

aws acm import-certificate \
--certificate fileb://cert.pem \
--private-key fileb://privatekey.key \
--certificate-chain fileb://chain.pem

output

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b92"
}

by anonymous

Request a certificate from a private CA

ca_arn="arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566"

aws acm request-certificate \
--domain-name www.example.com \
--certificate-authority-arn $ca_arn

output

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b91"
}

by anonymous

Request a public certificate

aws acm request-certificate \
--domain-name www.example.com \
--validation-method DNS

output

{
    "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90"
}

by anonymous

List certificates

aws acm list-certificates \
--query 'CertificateSummaryList[*].[CertificateArn, DomainName] | map(&[], @)' \
--output text

output

arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90        www.example.com
arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b91        www.example.com
arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b92        www.example.com

by anonymous

View certificate details

aws acm describe-certificate \
--certificate-arn arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90

output

{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90",
        "DomainName": "www.example.com",
        "SubjectAlternativeNames": [
            "www.example.com"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "www.example.com",
                "ValidationDomain": "www.example.com",
                "ValidationStatus": "FAILED",
                "ValidationMethod": "DNS"
            }
        ],
        "Subject": "CN=www.example.com",
        "Issuer": "Amazon",
        "CreatedAt": "2024-05-04T10:13:13.867000+00:00",
        "Status": "FAILED",
        "KeyAlgorithm": "RSA-2048",
        "SignatureAlgorithm": "SHA256WITHRSA",
        "InUseBy": [],
        "FailureReason": "ADDITIONAL_VERIFICATION_REQUIRED",
        "Type": "AMAZON_ISSUED",
        "KeyUsages": [],
        "ExtendedKeyUsages": [],
        "RenewalEligibility": "INELIGIBLE",
        "Options": {
            "CertificateTransparencyLoggingPreference": "ENABLED"
        }
    }
}

by anonymous

Delete a certificate

aws acm delete-certificate \
--certificate-arn arn:aws:acm:us-east-2:444455556666:certificate/cffb8a69-0817-4e04-bfb1-dac7426d6b90

output

None

by anonymous