Can I export my ACM certificates to other AWS Regions or AWS accounts?

Last updated: 2020-03-06

I requested a public AWS Certificate Manager (ACM) certificate. Can I export the certificate to another AWS Region or AWS account?

Short Description

You can't export an ACM certificate from one AWS Region to another or from one AWS account to another. This is because the default KMS customer master key (CMK) used to encrypt the private key of the certificate is unique for each AWS Region and AWS account. For more information, see ACM Private Key Security.

Resolution

You can create multiple ACM certificates with the same domain name across different AWS Regions and accounts. You can then use these certificates with services that run on AWS Certificate Manager.

For more information, see Request a Public Certificate.

Note: ACM certificates must be requested or imported in the same AWS Region as your load balancer. Amazon CloudFront distributions must request the certificate in the US East (N. Virginia) Region.