AWS Certificate Manager is a service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates. With AWS Certificate Manager, you can quickly request a certificate, deploy it on AWS resources such as Elastic Load Balancers or Amazon CloudFront distributions, and let AWS Certificate Manager handle certificate renewals. SSL/TLS certificates provisioned through AWS Certificate Manager are free. You pay only for the AWS resources you create to run your application.
Benefits and Key Features
Protect and Secure Your Website
SSL, and its successor TLS, are industry standard protocols for encrypting network communications and establishing the identity of websites over the Internet. SSL/TLS provides encryption for sensitive data in transit and authentication using SSL/TLS certificates to establish the identity of your site and secure connections between browsers and applications and your site. AWS Certificate Manager provides an easy way to provision and manage these certificates so you can configure a website or application to use the SSL/TLS protocol.
Get Certificates Quickly and Easily
AWS Certificate Manager removes many of the time-consuming and error-prone steps to acquire an SSL/TLS certificate for your website or application. There is no need to generate a key pair or certificate signing request (CSR), submit a CSR to a Certificate Authority, or upload and install the certificate once received. With a few clicks in the AWS Management Console, you can quickly request a trusted SSL/TLS certificate from AWS. Once the certificate is approved, AWS Certificate Manager takes care of deploying certificates, to help you enable SSL/TLS for your website or application.
With AWS Certificate Manager, there is no additional charge for provisioning SSL/TLS certificates. You pay only for the AWS resources you create to run your application, such as Elastic Load Balancers or Amazon CloudFront distributions.
Managed Certificate Renewal
AWS Certificate Manager manages the renewal process of SSL/TLS certificates and deploys renewed certificates to your AWS resources, avoiding errors that manual processes can introduce. Since AWS Certificate Manager manages SSL/TLS certificate renewals, you don’t need additional software agents or other client software on your server, avoiding additional costs and overhead.
Secure Key Management
AWS Certificate Manager is designed to protect and manage the private keys used with SSL/TLS certificates. Strong encryption and key management best practices are used when protecting and storing private keys.
Centrally Manage Certificates on the AWS Cloud
You will find it easy to centrally manage all AWS Certificate Manager SSL/TLS certificates provided by ACM in an AWS Region from the AWS Management Console, AWS CLI, or AWS Certificate Manager APIs. You can also audit the use of each certificate by reviewing your Amazon CloudTrail logs.
Integrated with Other AWS Cloud Services
AWS Certificate Manager is integrated with other AWS services, so you can provision an SSL/TLS certificate and deploy it with your Elastic Load Balancer or Amazon CloudFront distribution. To deploy a certificate with a load balancer or CloudFront distribution, you simply select the certificate you want from a drop-down list in the AWS Management Console. Alternatively, you can call an AWS API or CLI to associate the certificate with your load balancer or CloudFront distribution. AWS Certificate Manager then deploys the certificate to the selected resource for you.
Popular AWS Certificate Manager Use Cases
Help Meet Compliance Requirements
By making it easy to enable SSL/TLS, AWS Certificate Manager can help your organization meet regulatory and compliance requirements for encryption of data in transit. For specific information about compliance, refer to the AWS Cloud Compliance site.
Minimize Downtime and Outages
AWS Certificate Manager can help you minimize downtime due to misconfigured, revoked, or expired certificates. AWS Certificate Manager helps manage the challenges of maintaining SSL/TLS certificates, including certificate renewals so you don’t have to worry about outages resulting from expiring certificates.
Improve Search Rankings
Adopting HTTPS (secure HTTP) ensures higher search rankings. If your site was previously not secured with an SSL/TLS certificate, securing your website with an SSL/TLS certificate from AWS Certificate Manager is a quick and easy way to help improve your search rankings.