IT & IoT Security | Cloud | It's all about the life itself

Nothing in life is as important as you think it is, while you are thinking about it.

AWS Certificate Manager (ACM)

Hi All,

As IT guys know, SSL/TLS certificates are key elements for web sites that need to meet security compliance requirements such as PCI-DSS. I will not cover the provisioning process for SSL certificates in this blog post, but we all know that it has not been a short process.

I was excited when I first read the blog post about the general availability of the AWS Certificate Manager web service. You can obtain SSL/TLS certificates from AWS’ Certificate Authority and easily deploy them for use with your AWS services such as ELB and CloudFront distributions. Furthermore, it is free 🙂 Don't you think that is really cool?

Let’s look at the configuration. Firstly, you need to request a certificate.

Afterwards, the service sends a confirmation e-mail to particular administrative e-mail addresses of your domain. You just need to validate the request by clicking the approval URL in that e-mail 🙂

After that, the certificate shows the status “issued” and is ready to use.

To evaluate the process, I launched a WordPress instance with the CloudFormation service and placed it behind an Elastic Load Balancer. Then I configured the listener to use the SSL certificate issued earlier. You also need to add TCP port 443 to the related security group(s) to permit SSL traffic to reach the ELB listener.

All in all, AWS Certificate Manager (ACM) allows us to start using SSL certificates in a very short period of time. You can deploy a certificate to your AWS ELB and your AWS CloudFront distribution. After that, ACM can take care of the periodic renewals. You can find more information in the resources listed below.
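To check the finished setup, here is an added example (not part of the original post) that audits the three pieces the walkthrough touches: certificate status, the ELB listener on 443, and the security group rule. It assumes input shaped like the JSON from `aws acm describe-certificate`, `aws elb describe-load-balancers` and `aws ec2 describe-security-groups`; the sample data, ARN and IDs are constructed placeholders, and the sample deliberately omits the port 443 rule.

```python
# Constructed sample data shaped like AWS CLI JSON output; ARN, names and IDs are placeholders.
CERT_ARN = "arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-PLACEHOLDER"
CERT = {"Certificate": {"CertificateArn": CERT_ARN, "DomainName": "www.example.com",
                        "Status": "ISSUED", "RenewalEligibility": "ELIGIBLE"}}
ELB = {"LoadBalancerDescriptions": [{
    "LoadBalancerName": "wordpress-elb", "SecurityGroups": ["sg-0example"],
    "ListenerDescriptions": [
        {"Listener": {"Protocol": "HTTP", "LoadBalancerPort": 80, "InstancePort": 80}},
        {"Listener": {"Protocol": "HTTPS", "LoadBalancerPort": 443, "InstancePort": 80,
                      "SSLCertificateId": CERT_ARN}}]}]}
SGS = {"SecurityGroups": [{"GroupId": "sg-0example", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]}


def port_allowed(sg, port):
    """True if any ingress rule of the security group covers the TCP port."""
    for perm in sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":  # "-1" means all protocols and all ports
            return True
        if proto == "tcp" and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535):
            return True
    return False


def audit(cert_doc, elb_doc, sg_doc, port=443):
    """Return a list of findings; an empty list means the setup matches the walkthrough."""
    findings = []
    cert = cert_doc["Certificate"]
    if cert.get("Status") != "ISSUED":
        findings.append(f"certificate status is {cert.get('Status')}, not ISSUED")
    if cert.get("RenewalEligibility") != "ELIGIBLE":
        findings.append("certificate is not eligible for managed renewal")
    groups = {g["GroupId"]: g for g in sg_doc["SecurityGroups"]}
    for lb in elb_doc["LoadBalancerDescriptions"]:
        name = lb["LoadBalancerName"]
        listeners = [d["Listener"] for d in lb["ListenerDescriptions"]]
        tls = [ls for ls in listeners
               if ls["LoadBalancerPort"] == port and ls["Protocol"] in ("HTTPS", "SSL")]
        if not tls:
            findings.append(f"{name}: no HTTPS/SSL listener on port {port}")
        elif all(ls.get("SSLCertificateId") != cert["CertificateArn"] for ls in tls):
            findings.append(f"{name}: port {port} listener does not use the ACM certificate")
        if not any(port_allowed(groups[g], port) for g in lb.get("SecurityGroups", []) if g in groups):
            findings.append(f"{name}: no security group permits TCP {port}")
    return findings


if __name__ == "__main__":
    print(audit(CERT, ELB, SGS))
```

With the constructed sample, the only finding is the missing port 443 ingress rule on the load balancer's security group.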

Enjoy and have a nice day!

Resource(s)

https://aws.amazon.com/documentation/certificate-mgr/

https://aws.amazon.com/blogs/aws/new-aws-certificate-manager-deploy-ssltls-based-apps-on-aws/