Someone purchased a wildcard certificate via AWS Certificate Manager for their domain name and I need to transfer it to Heroku for an app that uses a sub-domain of the domain name.
I can't figure out, either through the AWS Console or through their CLI, how I would get the private key used to generate the CSR for this certificate. Can anyone on here help me?
To retrieve a CA certificate: You can use the ACM Private CA API and AWS CLI to retrieve the certificate authority (CA) certificate for your private CA. Run the get-certificate-authority-certificate command. You can also call the GetCertificateAuthorityCertificate operation.
Check the status (console): Open the AWS Certificate Manager console at https://console.aws.amazon.com/acm/home . Expand a certificate to view its details. Find the Renewal Status in the Details section. If you don't see the status, ACM hasn't started the managed renewal process for this certificate.
If you postponed certificate installation, open the ACM Private CA console at https://console.aws.amazon.com/acm-pca/home . On the List certificate authorities page, choose a root CA with status Pending Certificate or Active. Then choose Actions, Install CA Certificate to open the Install root CA certificate wizard.
You can't. That's one of the points of using AWS Certificate Manager: the private keys won't leave AWS infrastructure. You can't even use AWS Certificate Manager certs on EC2 today, only on specific services. More information here and here.
Edit: You can now use private certificates issued with ACM Private CA with EC2 instances, see more info here. However, that is only useful for private networks, as major browsers won't recognize ACM Private CA by default.