Certificate Manager

Encryption In Transit vs At Rest

Asymmetric Encryption

• Asymmetric encryption is also known as public key cryptography

• Messages encrypted with the public key can only be decrypted with the private key

• Messages encrypted with the private key can be decrypted with the public key

• Examples include SSL/TLS and SSH

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources

Create, store and renew SSL/TLS X.509 certificates

Single domains, multiple domain names and wildcards Integrates with several AWS services including: • Elastic Load Balancing • Amazon CloudFront • AWS Elastic Beanstalk • AWS Nitro Enclaves • AWS CloudFormation Public certificates are signed by the AWS public Certificate Authority You can also create a Private CA with ACM Can then issue private certificates You can also import certificates from third-party issuers