Generate Free SSL Certificate using AWS Certificate Manager

 AWS Certificate Manager (ACM) provides a free public SSL/TLS certificate for your AWS-based websites and applications such as Elastic Load Balancer and CloudFront Distribution. You pay only for the AWS resources you use to run your application.

Note: You cannot install public ACM certificates directly on your website or application. You can install and manage only your certificate within ACM Console.

To get started, this guide will show you through step process on how to generate public SSL certificate on AWS Certificate Manager within the AWS Management Console.

Step 1. Request a Public SSL Certificate

Sign into the AWS Management Console and open the ACM console at

On the screen, Choose Request a certificate.

Next, choose Request a public certificate and click Request a certificate to continue.

Step 2. Add Domain Names

On this section, type your domain name and you can also add multiple domain or using a wildcard (*) certificate to protect several sites in the same domain (e.g.

Now, Choose Next to continue.

Step 3. Select Domain Validation

On this section, Choose DNS validation rather than email validation.

If you use DNS validation, you simply write a CNAME record provided by ACM to your DNS configuration. Select Next to continue.

Step 4. Add tags

On this page, this is optional, but I recommend you to add tags for your certificate to serve as metadata for identifying and organizing AWS resources.

When you finish adding tags, choose Review.

Next, If the Review page contains correct information about your request and then choose Confirm and request.

Step 5. Validate Certificate

As you can see the status is Pending validation. If you are using different DNS provider (such as GoDaddy, Namecheap and more), then use the CNAME record on the screen provided by AWS ACM.

Also, If you use Route 53, this can be done by selecting the Create record in Route 53, and then it will be automatically written to your Route 53 hosted zone.

Then wait for a couple of minutes for the changes to propagate, and for AWS to validate the domain.

Finally, your domain name successfully validated, and then an SSL certificate is ready to be assigned on Amazon CloudFront to serve static for your website application.

Post a Comment