How do I retrieve the private key for a certificate generated on AWS Certificate Manager?

sameers picture sameers · Feb 24, 2017 · Viewed 15.6k times · Source

Someone purchased a wildcard certificate via AWS Certificate Manager for their domain name and I need to transfer it to Heroku for an app that uses a sub-domain of the domain name.

I can't figure out, either through the AWS Console or through their CLI, how I would get the private key used to generate the CSR for this certificate? Can anyone on here help me?

Answer

Viccari picture Viccari · Dec 7, 2017

You can't. That's one of the points of using AWS Certificate Manager: the private keys won't leave AWS infrastructure. You can't even use AWS Certificate Manager certs on EC2 today, only on specific services. More information here and here.