AWS Certificate Manager
- Easily provision, manage and deploy TLS Certificates
- Provide in-flight encryption for websites (HTTPS)
- Supports both public and private TLS certificates
- Free of charge for public TLS certificates
- Automatic TLS certificate renewal
- Integrations with (load TLS certificates on)
- Elastic Load Balancers (CLB, ALB, NLB)
- CloudFront Distributions
- APIs on API Gateway
- Cannot use ACM with EC2 (canโt be extracted)
Importing Public Certificates
- Option to generate the certificate outside of ACM and then import it
- No automatic renewal
- ACM sends daily expiration events starting 45 days prior to expiration
- AWS Config has a managed rule to check for expiring certificates
References