Q: What is AWS Certificate Manager (ACM)?
AWS Certificate Manager is a service that helps you easily provision, manage, and deploy public and private Secure Socket Layer/Transport Layer (SSL/TLS) certificates for use with AWS products and your interconnected resources. SSL/TLS certificates are used to secure network communications and confirm the identity of websites on the Internet and the identity of resources on private networks. With AWS Certificate Manager, you no longer have to go through the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates. With AWS Certificate Manager, you can quickly request a certificate, deploy it on AWS resources such as Elastic Load Balancer, Amazon CloudFront assignments, and APIs on API Gateway, and let AWS Certificate Manager handle certificate renewals. It also gives you the ability to create private certificates for internal resources and centrally manage the certificate lifecycle. Public and private SSL/TLS certificates provisioned through AWS Certificate Manager for ACM integration services such as Elastic Load Balancing, Amazon CloudFront, and Amazon API Gateway are free. You only pay for the AWS resources you create to run your applications. You pay monthly for each CA's operations until you delete it and pay for private certificates that you issue that are not dedicated to ACM integration services.
1: Open the Alibaba Cloud official website to download the certificate
First, open the URL:The hyperlink login is visible.Check the SSL certificate you have, click the Download button on the right side of the certificate, and the left side will pop up to select the download certificate according to the server type, as shown in the figure below:
(Note: When downloading the certificate, please pay attention to the validity period of the certificate)
We choosenginxtype certificate to download, and download a compressed package, as shown in the figure below:
The .pem inside the package is the certificate file, and .key is the private key file.
In the .pem file, if you are using a third-party certificate authority (CA), list all intermediate certificates in the certificate chain, starting with the certificate issued by the CA that signed the certificate for your domain. Typically, you will find documents on CA websites that list intermediate and root certificates in the appropriate link order.
Examples include:
-----BEGIN CERTIFICATE-----
Intermediate certificate 2
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
Intermediate certificate 1
-----END CERTIFICATE-----
2: Open the Amazon AWS ACM Import Certificate
Amazon AWS ACM URL:The hyperlink login is visible.
Click the "Import Certificate" button, as shown below:
At the beginning, when I imported the certificate, the certificate body filled in all the contents of the .pem file, the private key filled in all the contents of the .key, and the certificate chain did not fill in the content.
The certificate field contains more than one certificate. You can specify only one certificate in this field. Select the Back button below to modify.
The correct import method should be:
Fill in the body of the certificate:.pem file file.
Certificate Private Key:The certificate private key .key the entire contents of the file
Certificate Chain:.pem file file.
As shown below:
The import is successful, as shown in the following figure:
After the successful import, you can use the certificate service in Amazon CloudFront, Elastic Load Balancing, and Amazon API Gateway, which means that the website domain name can be accessed through https.
(End)
|
Posted on 8/7/2019 10:07:48 AM
|
|
|
|
