EDIT: I need to request certificates, after generating CAs, as per this link. I wrongly assumed the certificate attached to the CA was the desired certificate for use within the VPN Client Endpoint wizard.

Instructions are as follows:

Sign into the AWS Management Console and open the ACM console at https://console.aws.amazon.com/acm/home

Choose Request a certificate.

On the Request a certificate page, choose Request a private certificate and Request a certificate to continue.

On the Select a certificate authority (CA) page, click the Select a CA field to view the list of available private CAs identified by ARN. If the CA is shared from another account, the ARN is prefaced by ownership information. Choose a CA from the list.

Details about the CA are displayed to help you verify that you have chosen the correct CA:


I am trying to use the certificates that I generated in ACM with the VPN Client Endpoint service. I have generated a root CA, then a server and client CA as subordinate to that root CA, in the ACM.

[Screenshot: certificates list]

When I go to use these in the Client VPN Endpoint generation wizard, they do not appear available.

[Screenshot: client endpoint generator]

If I attempt to just copy and paste the ARN as found on the "Status" tab of the certificate, when generating the Client VPN endpoint I receive an error:

"Certificate not found"

BitShift
  • You need to upload your certs to the certificate manager. Based on your screenshot, it looks like you uploaded them to the ACM private CA instead. – jordanm May 10 '21 at 17:14
  • Oh I see! Of course... how silly. Thanks! Also I found instructions, will link in edit. – BitShift May 10 '21 at 17:17
