How do I retrieve the private key for a certificate generated on AWS Certificate Manager?

aws-certificate-manager
sameers picture sameers · Feb 24, 2017 · Viewed 15.6k times · Source

Someone purchased a wildcard certificate via AWS Certificate Manager for their domain name and I need to transfer it to Heroku for an app that uses a sub-domain of the domain name.

I can't figure out, either through the AWS Console or through their CLI, how I would get the private key used to generate the CSR for this certificate? Can anyone on here help me?

Answer

Viccari picture Viccari · Dec 7, 2017

You can't. That's one of the points of using AWS Certificate Manager: the private keys won't leave AWS infrastructure. You can't even use AWS Certificate Manager certs on EC2 today, only on specific services. More information here and here.

Related questions

AWS ACM wildcard ssl certificate not working on domain

I created a SSL certificate for my site using Amazon Certificate Manager. The certificate is for *.example.com. I have then attached this certificate to my ELB and have left the instance protocol as http. So SSL chain is only …

Read More
Can I share ACM SSL certificates between AWS acounts

I have a few AWS accounts where I manage DNS addresses and ACM SSL certificates. I have a top-level.com domain in one account and another account manages subdomain.top-level.com. I created some SSL certificates with ACM on the …

Read More