HEX
Server: Apache
System: Linux pdx1-shared-a1-38 6.6.104-grsec-jammy+ #3 SMP Tue Sep 16 00:28:11 UTC 2025 x86_64
User: mmickelson (3396398)
PHP: 8.1.31
Disabled: NONE
Upload Files
File: //lib/python3/dist-packages/awscli/examples/acm/list-certificates.rst
**To list the ACM certificates for an AWS account**

The following ``list-certificates`` command lists the ARNs of the certificates in your account::

  aws acm list-certificates

The preceding command produces output similar to the following::

  {
      "CertificateSummaryList": [
          {
              "CertificateArn": "arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012", 
              "DomainName": "www.example.com"
          }, 
          {
              "CertificateArn": "arn:aws:acm:us-east-1:493619779192:certificate/87654321-4321-4321-4321-210987654321", 
              "DomainName": "www.example.net"
          }
      ]
  }

You can decide how many certificates you want to display each time you call ``list-certificates``. For example, if you have four certificates and you want to display no more than two at a time, set the ``max-items`` argument to 2 as in the following example::

  aws acm list-certificates --max-items 2

Two certificate ARNs and a ``NextToken`` value will be displayed::

  "CertificateSummaryList": [
    {
      "CertificateArn": "arn:aws:acm:us-east-1:123456789012: \
              certificate/12345678-1234-1234-1234-123456789012", 
      "DomainName": "www.example.com"
    }, 
    {
      "CertificateArn": "arn:aws:acm:us-east-1:123456789012: \
              certificate/87654321-4321-4321-4321-210987654321", 
      "DomainName": "www.example.net"
    }
    ], 
      "NextToken": "9f4d9f69-275a-41fe-b58e-2b837bd9ba48"

To display the next two certificates in your account, set this ``NextToken`` value in your next call::

  aws acm list-certificates --max-items 2 --next-token 9f4d9f69-275a-41fe-b58e-2b837bd9ba48


You can filter your output by using the ``certificate-statuses`` argument. The following command displays certificates that have a PENDING_VALIDATION status::

  aws acm list-certificates --certificate-statuses PENDING_VALIDATION

You can also filter your output by using the ``includes`` argument. The following command displays certificates filtered on the following properties. The certificates to be displayed::

  - Specify that the RSA algorithm and a 2048 bit key are used to generate key pairs.
  - Contain a Key Usage extension that specifies that the certificates can be used to create digital signatures.
  - Contain an Extended Key Usage extension that specifies that the certificates can be used for code signing.
  
  aws acm list-certificates --max-items 10 --includes extendedKeyUsage=CODE_SIGNING,keyUsage=DIGITAL_SIGNATURE,keyTypes=RSA_2048