Author Image Chinthaka Dinadasa

How to Request SSL Certificate From AWS Certificate Manager

AWS Certificate Manager (ACM) is a service provided by Amazon Web Services (AWS) that simplifies the process of provisioning, managing, and deploying SSL/TLS certificates for secure communication over the Internet.

It offers a scalable and cost-effective solution for obtaining and maintaining SSL certificates for your domains and applications.

With AWS Certificate Manager, you can easily request SSL/TLS certificates that are trusted by major browsers and devices.

It supports both single-domain and multi-domain certificates, allowing you to secure multiple domains and subdomains with a single certificate.

ACM takes care of the entire certificate lifecycle, including renewal and automatic deployment to AWS services like Elastic Load Balancers, CloudFront, and API Gateway.

Request Public SSL Certificate

Navigate to the ACM dashboard, and go to the request public SSL certificate section.

Then select the public certificate type and proceed with the domain details entry.

Request SSL certificate from AWS Certificate Manager

Request SSL certificate from AWS Certificate Manager

Here we have to enter the domain address that we are going to request SSL with the validation method we prefer.

Let’s go with DNS validation since the AWS dashboard give us really awesome support when it comes to adding necessary DNS entries for the validation when we are managing domains under route 53.

Here for this SSL certificate, I’m going to request an SSL as a wild card SSL, then we can use the same SSL for every subdomain we create under our main domain.

Request public certificate from AWS certificate manager

Request public certificate from AWS certificate manager

After we request the SSL we have to add the generated CNAME records into the domain under route 53.

AWS uses these CNAME records to validate the domain ownership and issue the SSL certificate.

Goto the certificate request from the ACM dashboard and press create records in Route 53 to automatically add necessary CNAME records to Route 53.

Also, you can follow the manual process and create those necessary CNAME on your domain registry as well.

Create CNAME records in Route 53 from ACM

Create CNAME records in Route 53 from ACM

All done now after we add the CNAME records AWS ACM will issue the necessary SSL certificates within a few minutes after validating ownership through DNS.

SSL certificate issued for the domain

SSL certificate issued for the domain


We are done with requesting and getting a wildcard SSL certificate from the AWS certificate manager to use with the application setup in this article series.

Now we can focus on the next step which focuses on setting up an SSL route with application load balancer and opening HTTPS traffic to the public in our next article.