Certified Security - Specialty

Sign Up Free or Log In to participate!

Incorrect information about AWS Certificate Manager

The summary of the video mentions that certificate are auto-renewed only if the domain was purchased through Route 53. However that isn’t correct. Even if the domain was not purchased through Route 53, ACM will do a automatic renewal. More on that can be referred:

1. Automatic Domain Validation

2. Managed Renewal for ACM’s Amazon-Issued Certificates

Yashar Araghi

and another pointer that was also mentioned was "You cannot export the certificates". This statement is not true for private certificates. referring to ACM FAQ: "You can export private certificates from ACM and use them with EC2 instances, containers, on-premises servers, and IoT devices. ACM Private CA automatically renews these certificates and sends an Amazon CloudWatch notification when the renewal is completed. You can write client-side code to download renewed certificates and private keys and deploy them with your application"


Exporting certificates only applies to ACM private CA, which is fairly expensive.

0 Answers

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?