It’s every site administrator’s nightmare to access their website first thing in the morning and see the dreaded message, “Your connection is not private.” Your certificate has expired, and now you’re in a mad scramble to get everything into place before your users think you’ve been hacked. Fortunately, the AWS Certificate Manager (ACM) can prevent this from happening by simplifying and automating your certificates with these features and services.
The biggest draw of ACM is the way it automates the steps associated with administering certificates. Many of the steps related to requesting a certificate, including generating a Certificate Signing Request and submitting it to the Certificate Authority, are taken care of for you. And with managed renewals, ACM will renew certificates for you on a given schedule and deploy the certificates to wherever they need to go.
Amazon makes it easy to integrate one of its services with another, and ACM is no exception. Here are a few AWS services that benefit significantly from ACM integrations.
- Elastic Load Balancing – ACM can deploy certificates to the Elastic Load Balancer to provide a secure connection to your website. It’s important to note that ACM cannot deploy a certificate directly to your EC2 instances, so to use it with your website, you’ll need to put a load balancer in front of them.
- Amazon CloudFront – CloudFront is an easy way to deliver content to your users around the world quickly, but each distribution requires a certificate to keep it secure. ACM makes this an easy, automated process that you can set up once and forget about it.
- AWS CloudFormation – CloudFormation lets you define a template for the resources you’re using in AWS, then takes care of setting up the resources for you. Integrating with ACM, CloudFormation can set up an Elastic Load Balancer, CloudFront distribution, and more with a certificate already installed, automating certificates even further.
Public and Private Certificates
ACM lets you issue both public and private certificates. Public certificates are used to identify resources on the public internet, and private certificates perform the same function for private networks. Many of the benefits of using ACM for public certificates are available for private certificates – for example, automated deployments and renewals. Additionally, private certificates require up-front time and resources that are now handled for you. ACM helps you by walking you through the steps to configure your Certificate Authority or CA and defining the rules your certificates will follow. You can also use ACM to define a CA hierarchy, including online root and subordinate CAs.
AWS Certificate Manager gives you the tools to automate much of the certificate process and avoid unnecessary downtime. With the features listed above, you’ll have more time to focus on improving, rather than just maintaining, your website. If you’d like to learn more about how the AWS Certificate Manager can benefit your organization, to schedule a time to talk with one of our specialists.