ListCertificates - Amazon Certificate Manager
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.


Retrieves a list of certificate ARNs and domain names. You can request that only certificates that match a specific status be listed. You can also filter by specific attributes of the certificate. Default filtering returns only RSA_2048 certificates. For more information, see Filters.

Request Syntax

{ "CertificateStatuses": [ "string" ], "Includes": { "extendedKeyUsage": [ "string" ], "keyTypes": [ "string" ], "keyUsage": [ "string" ] }, "MaxItems": number, "NextToken": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.


In the following list, the required parameters are described first.


Filter the certificate list by status value.

Type: Array of strings


Required: No


Filter the certificate list. For more information, see the Filters structure.

Type: Filters object

Required: No


Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 1000.

Required: No


Use this parameter only when paginating results and only in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the response you just received.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 10000.

Pattern: [\u0009\u000A\u000D\u0020-\u00FF]*

Required: No

Response Syntax

{ "CertificateSummaryList": [ { "CertificateArn": "string", "DomainName": "string" } ], "NextToken": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


A list of ACM certificates.

Type: Array of CertificateSummary objects


When the list is truncated, this value is present and contains the value to use for the NextToken parameter in a subsequent pagination request.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 10000.

Pattern: [\u0009\u000A\u000D\u0020-\u00FF]*


For information about the errors that are common to all actions, see Common Errors.


One or more of of request parameters specified is not valid.

HTTP Status Code: 400


List Certificates

The following example lists certificates that you can use to create digital signatures and to sign code.

Sample Request

POST / HTTP/1.1 Host: Accept-Encoding: identity Content-Length: 129 X-Amz-Target: CertificateManager.ListCertificates X-Amz-Date: 20171118T204928Z User-Agent: aws-cli/1.11.132 Python/2.7.9 Windows/8 botocore/1.5.95 Content-Type: application/x-amz-json-1.1 Authorization: AWS4-HMAC-SHA256 Credential=key_ID/20171118/us-east-1/acm/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=49a54... { "MaxItems": 10, "Includes": { "keyUsage": ["DIGITAL_SIGNATURE"], "keyTypes": ["RSA_2048"], "extendedKeyUsage": ["CODE_SIGNING"] } }

Sample Response

HTTP/1.1 200 OK x-amzn-RequestId: fa8ffa7f-cca1-11e7-80db-736b2201613a Content-Type: application/x-amz-json-1.1 Content-Length: 164 Date: Sat, 18 Nov 2017 20:49:32 GMT Connection: Keep-alive {"CertificateSummaryList": [ { "CertificateArn": "arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012", "DomainName": "" }, { "CertificateArn": "arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012", "DomainName": "" } ] }

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: