UpdateCertificateOptions - Amazon Certificate Manager
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


Updates a certificate. Currently, you can use this function to specify whether to opt in to or out of recording your certificate in a certificate transparency log. For more information, see Opting Out of Certificate Transparency Logging.

Request Syntax

{ "CertificateArn": "string", "Options": { "CertificateTransparencyLoggingPreference": "string" } }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.


In the following list, the required parameters are described first.


ARN of the requested certificate to update. This must be of the form:


Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:[\w+=/,.@-]+:acm:[\w+=/,.@-]*:[0-9]+:[\w+=,.@-]+(/[\w+=,.@-]+)*

Required: Yes


Use to update the options for your certificate. Currently, you can specify whether to add your certificate to a transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser.

Type: CertificateOptions object

Required: Yes

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.


For information about the errors that are common to all actions, see Common Errors.


The requested Amazon Resource Name (ARN) does not refer to an existing resource.

HTTP Status Code: 400


Processing has reached an invalid state.

HTTP Status Code: 400


An ACM quota has been exceeded.

HTTP Status Code: 400


The specified certificate cannot be found in the caller's account or the caller's account cannot be found.

HTTP Status Code: 400



This example illustrates one usage of UpdateCertificateOptions.

Sample Request

POST / HTTP/1.1 acm.us-east-1.amazonaws.com Accept-Encoding: identity Content-Length: 185 X-Amz-Target: CertificateManager.UpdateCertificateOptions X-Amz-Date: 20180326T222032Z User-Agent: aws-cli/1.14.28 Python/2.7.9 Windows/8 botocore/1.8.32 Content-Type: application/x-amz-json-1.1 Authorization: AWS4-HMAC-SHA256 Credential=key_ID/20151222/us-east-1/acm/aws4_request, SignedHeaders=content-type;host;user-agent;x-amz-date;x-amz-target, Signature=7ec7e70cd614724945545b22bc28296f77803d0c2524573d41c994668f07f435 { "CertificateArn": "arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012", "CertificateOptions": { "CertificateTransparencyLoggingPreference": "DISABLED" } }


This example illustrates one usage of UpdateCertificateOptions.

Sample Response

HTTP/1.1 200 OK x-amzn-RequestId: e6f55ecb-3143-11e8-af72-0bd5049841d5 Content-Type: application/x-amz-json-1.1 Content-Length: 0 Date: Tue, 22 Dec 2015 17:07:18 GMT

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: