Skip to main content

AWS Certificate Manager

AWS Certificate Manager (ACM) provides a way to issue widely accepted Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for any domain that the user controls. Issued certificates can be used with all AWS services.

The ease-of-use, price, and integration level of ACM certificates can't be beaten in an AWS stack, to the point where questions should be asked if external certificates are being used.


  • ACM issued certs can't be exported from the service, so they can't be abused by third parties
  • Certificate renewal can be automatic
  • Configuring the use of ACM certs with AWS services is much easier than the use of externally issued TLS certificates
  • ACM issued certs are free


  • ACM issued certs can only be used in AWS provided services