Amazon Certificate Manager

AWS Certificate Manager (ACM) is an Amazon Web Services tool that allows an IT team to provision, manage and deploy free Secure Sockets Layer (SSL) and Transport Layer Security (TLS) certificates in the AWS cloud.

ACM is integrated with the following services:

  • Elastic Load Balancing

  • Amazon CloudFront – To use an ACM certificate with CloudFront, you must request or import the certificate in the US East (N. Virginia) region.

  • AWS Elastic Beanstalk

  • Amazon API Gateway

  • AWS CloudFormation

Types of Certificates For Use With ACM

Public certificates

  • ACM manages the renewal and deployment of public certificates used with ACM-integrated services.

  • You cannot install public ACM certificates directly on your website or application; you can use them only with the integrated services.

Private certificates

  • This is an intranet certificate, so you can use it only within AWS infrastructure or a hybrid cloud.

Imported certificates

  • You can import your own certificates that you have already purchased from other vendors.

Now I am going to explain how to create a certificate in AWS ACM.

  • Open AWS Certificate Manager in AWS Console.

  • Select the request public certificate option.

  • Now AWS asks for the domain name. Enter your domain name.

Before providing the certificate, AWS ACM validates our domain name using one of two methods.

DNS validation

  • In DNS validation, we create DNS records to verify that the domain belongs to us.

Email validation

  • In email validation, we send or receive an email to confirm that the domain belongs to us.

Here I am using the DNS validation method.

  • Next, we add tags for this resource.

  • Finally, we review and confirm the certificate request.
  • The final step is validation: ACM validates our DNS records.
  • It shows the status as pending validation. Click the drop-down arrow.

  • When ACM is configured for DNS validation, it shows the option to create the record in Route53.
  • Route53 automatically creates the essential record for you.

  • It successfully creates the record for you.
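
The record that the Route53 option creates in the steps above is a CNAME that ACM publishes for each domain name on the certificate. As an added example (not code from the original article), the following turns a `describe-certificate` style response into a Route 53 change batch; the sample response, its domain names and tokens are constructed, and `build_validation_change_batch` is a hypothetical helper name.

```python
import json

# Constructed sample shaped like an ACM DescribeCertificate response.
# Domain names and validation tokens are made up for illustration.
_RECORD = {"Name": "_constructed-token-a.example.com.", "Type": "CNAME",
           "Value": "_constructed-token-b.acm-validations.aws."}
SAMPLE_RESPONSE = {"Certificate": {
    "DomainName": "example.com",
    "Status": "PENDING_VALIDATION",
    "DomainValidationOptions": [
        {"DomainName": "example.com", "ValidationMethod": "DNS",
         "ValidationStatus": "PENDING_VALIDATION", "ResourceRecord": _RECORD},
        # A wildcard name shares the validation record of its base domain.
        {"DomainName": "*.example.com", "ValidationMethod": "DNS",
         "ValidationStatus": "PENDING_VALIDATION", "ResourceRecord": _RECORD},
        # Right after a request, the record may not be populated yet.
        {"DomainName": "www.example.org", "ValidationMethod": "DNS",
         "ValidationStatus": "PENDING_VALIDATION"},
    ]}}


def build_validation_change_batch(response, ttl=300):
    """Hypothetical helper: return (change_batch, names_without_record)."""
    changes, seen, missing = [], set(), []
    for opt in response["Certificate"].get("DomainValidationOptions", []):
        if opt.get("ValidationMethod") != "DNS":
            continue  # email-validated names have no DNS record to create
        record = opt.get("ResourceRecord")
        if not record:
            missing.append(opt["DomainName"])  # describe the certificate again later
            continue
        key = (record["Name"].lower(), record["Type"])
        if key in seen:
            continue  # one record can cover several names
        seen.add(key)
        changes.append({"Action": "UPSERT", "ResourceRecordSet": {
            "Name": record["Name"], "Type": record["Type"], "TTL": ttl,
            "ResourceRecords": [{"Value": record["Value"]}]}})
    return {"Comment": "ACM DNS validation", "Changes": changes}, missing


if __name__ == "__main__":
    batch, missing = build_validation_change_batch(SAMPLE_RESPONSE)
    # batch has the ChangeBatch shape used by Route 53 ChangeResourceRecordSets.
    print(json.dumps(batch, indent=2))
    print("no record yet for:", missing)
```

Leave the CNAME in the hosted zone after the certificate is issued, because ACM's managed renewal of a DNS-validated certificate relies on it.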

Create a load balancer and attach the SSL certificate that ACM provided for our domain.

  • If you want to know more about how to configure a classic load balancer, check my previous article.

venket.hashnode.dev/configure-classic-load-..

  • In the middle of the load balancer configuration, in the Configure Security Settings step, select Choose a certificate from ACM and choose the certificate you want to configure for your website.
  • After you successfully configure your load balancer, the certificate is attached to it. Now we create the DNS A record and map the load balancer name to it.

  • Now our website is secured with SSL. The website is shown with the lock symbol.

  • In the browser, right-click the lock symbol before the website name and then click the certificate link.
  • This certificate is issued by the AWS ACM service.
  • This certificate is provided by Amazon.
