AWS Certificate Manager is an Amazon Web Services tool that allows an IT team to provision, manage and deploy free Secure Sockets Layer (SSL) and Transport Security Layer (TSL) certifications in the AWS cloud.
SSL and TSL certifications are used to identify and secure encrypted network connections to websites over the internet, improve search rankings for a website and help meet compliance requirements. A developer deploys a certificate from the AWS Management Console, the AWS Command Line Interface or a call to an application programming interface.
AWS Certificate Manager makes it easier for an IT team to create secure network connections for websites and applications, removing the need for it to manually purchase, upload and renew certificates. AWS Certificate Manager allows a developer to deploy a certificate on an Amazon CloudFront distribution or a load balancer; the service also manages certificate renewals. A developer can also import a third-party certificate, but AWS Certificate Manager cannot renew imported certificates.
SSL and TSL certificates are part of a public key infrastructure, which enables one party to verify the identity of another with a mutually trusted third-party certificate authority. AWS Certificate Manager only issues domain-validated certificates, meaning the subject field of a certificate only contains the domain names. The domain owner or representative then receives an email and approves the certificate request.
AWS Certificate Manager protects its private keys with strong encryption and key management practices.