Amazon Web Services (AWS) - Renew certificate using the AWS CLI


This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.

The aws acm list-certificates command can be used to list the Amazon Certificate Management (ACM) certificates you have created.

~]$ aws acm list-certificates
{
    "CertificateSummaryList": [
        {
            "CertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/dd2aa938-c186-467c-becf-7ddde42b3d61",
            "DomainName": "example.com"
        }
    ]
}


The aws acm describe-certificate command can be used to display more information about a certificate. If RenewalEligibility is ELIGIBLE, then the certificate can be renewed.

~]$ aws acm describe-certificate --certificate-arn arn:aws:acm:us-east-1:123456789012:certificate/1e7f6855-b89c-482b-87f5-833d0b7f088b
{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/1e7f6855-b89c-482b-87f5-833d0b7f088b",
        "DomainName": "example.com",
        "SubjectAlternativeNames": [
            "example.com"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "example.com",
                "ValidationDomain": "example.com",
                "ValidationStatus": "PENDING_VALIDATION",
                "ResourceRecord": {
                    "Name": "_4be4327c41bfcc90100cf0b869d1b061.example.com.",
                    "Type": "CNAME",
                    "Value": "_97db65065d0d956b05e17cfdd8dc42a0.fcgjwsnkyp.acm-validations.aws."
                },
                "ValidationMethod": "DNS"
            }
        ],
        "Subject": "CN=example.com",
        "Issuer": "Amazon",
        "CreatedAt": "2023-05-15T20:55:11.903000-05:00",
        "Status": "ISSUED",
        "KeyAlgorithm": "RSA-2048",
        "SignatureAlgorithm": "SHA256WITHRSA",
        "InUseBy": [],
        "Type": "AMAZON_ISSUED",
        "KeyUsages": [],
        "ExtendedKeyUsages": [],
        "RenewalEligibility": "ELIGIBLE",
        "Options": {
            "CertificateTransparencyLoggingPreference": "ENABLED"
        }
    }
}


The aws acm renew-certificate command can be used to renew the certificate.

aws acm renew-certificate --certificate-arn arn:aws:acm:us-east-1:123456789012:certificate/1e7f6855-b89c-482b-87f5-833d0b7f088b
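
As an added example (not from the original article), the describe-then-renew sequence above can be combined so that renewal is only requested when RenewalEligibility is ELIGIBLE. The function name renew_if_eligible is hypothetical, and taking the region from the ARN is a choice made here because ACM certificates are regional.

```sh
#!/bin/sh
# Added example, not from the original article.
# renew_if_eligible is a hypothetical helper name, not an AWS CLI command.
# Status: 0 renewal requested, 1 malformed ARN,
#         2 describe-certificate failed, 3 certificate not eligible.
# The body is a subshell ( ... ): variables stay local and exit only leaves the function.
renew_if_eligible() (
    arn="$1"

    # Accept only ACM certificate ARNs: arn:<partition>:acm:<region>:<account>:certificate/<id>
    case "$arn" in
        arn:aws*:acm:*:*:certificate/*) ;;
        *) echo "not an ACM certificate ARN: $arn" >&2; exit 1 ;;
    esac
    rest="${arn#arn:*:acm:}"          # <region>:<account>:certificate/<id>
    region="${rest%%:*}"
    cert_id="${arn##*:certificate/}"
    case "$region" in ''|*[!a-z0-9-]*) echo "bad region in ARN" >&2; exit 1 ;; esac
    case "$cert_id" in ''|*[!0-9a-f-]*) echo "bad certificate id in ARN" >&2; exit 1 ;; esac

    # ACM is regional: query the region named in the ARN, not the profile default.
    eligibility=$(aws acm describe-certificate \
        --region "$region" \
        --certificate-arn "$arn" \
        --query 'Certificate.RenewalEligibility' \
        --output text) || { echo "describe-certificate failed for $arn" >&2; exit 2; }

    if [ "$eligibility" != "ELIGIBLE" ]; then
        echo "skipping $arn: RenewalEligibility is $eligibility" >&2
        exit 3
    fi

    aws acm renew-certificate --region "$region" --certificate-arn "$arn"
)

# Run only when an ARN is given on the command line.
if [ -n "${1:-}" ]; then
    renew_if_eligible "$1"
fi
```

A non-zero status tells a cron job or pipeline that no renewal was requested, so a skipped certificate is not mistaken for a renewed one.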




