Export a private certificate and its secret key - Amazon Private Certificate Authority
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Export a private certificate and its secret key

Amazon Private CA cannot directly export a private certificate that it has signed and issued. However, you can use Amazon Certificate Manager to export such a certificate along with its encrypted secret key. The certificate is then completely portable for deployment anywhere in your private PKI. For more information, see Exporting a private certificate in the Amazon Certificate Manager User Guide.

As an added benefit, Amazon Certificate Manager provides managed renewal for private certificates that were issued using the ACM console, the RequestCertificate action of the ACM API, or the request-certificate command in the ACM section of the Amazon CLI. For more information about renewals, see Renewing certificates in a private PKI.