Bootstrap FreeKB - Amazon Web Services (AWS) - List certificates using the AWS CLI
Amazon Web Services (AWS) - List certificates using the AWS CLI

Updated:   |  Amazon Web Services (AWS) articles

This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.

The aws acm list-certificates command can be used to list the Amazon Certificate Management (ACM) certificates you have created.

~]$ aws acm list-certificates
{
    "CertificateSummaryList": [
        {
            "CertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/dd2aa938-c186-467c-becf-7ddde42b3d61",
            "DomainName": "www.example.com"
        }
    ]
}

 

And here is an example of how to limit the output using the --query option.

aws acm list-certificates --query 'CertificateSummaryList[?DomainName==`www.example.com`]'

 

The aws acm describe-certificate command can be used to display more information about a certificate.

~]$ aws acm describe-certificate --certificate-arn arn:aws:acm:us-east-1:123456789012:certificate/1e7f6855-b89c-482b-87f5-833d0b7f088b
{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/1e7f6855-b89c-482b-87f5-833d0b7f088b",
        "DomainName": "example.com",
        "SubjectAlternativeNames": [
            "example.com"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "example.com",
                "ValidationDomain": "example.com",
                "ValidationStatus": "PENDING_VALIDATION",
                "ResourceRecord": {
                    "Name": "_4be4327c41bfcc90100cf0b869d1b061.example.com.",
                    "Type": "CNAME",
                    "Value": "_97db65065d0d956b05e17cfdd8dc42a0.fcgjwsnkyp.acm-validations.aws."
                },
                "ValidationMethod": "DNS"
            }
        ],
        "Subject": "CN=example.com",
        "Issuer": "Amazon",
        "CreatedAt": "2023-05-15T20:55:11.903000-05:00",
        "Status": "ISSUED",
        "KeyAlgorithm": "RSA-2048",
        "SignatureAlgorithm": "SHA256WITHRSA",
        "InUseBy": [],
        "Type": "AMAZON_ISSUED",
        "KeyUsages": [],
        "ExtendedKeyUsages": [],
        "RenewalEligibility": "ELIGIBLE",
        "Options": {
            "CertificateTransparencyLoggingPreference": "ENABLED"
        }
    }
}

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


Add a Comment


Please enter 27b76f in the box below so that we can be sure you are a human.