1
votes

We have an application running on Windows EC2 and we don't have any ELB or ALB for the application. Can we use AWS Private CA on this? Please refer to this URL: https://docs.aws.amazon.com/acm/latest/userguide/acm-services.html

As per this URL, we must use Elastic Load Balancing / Amazon CloudFront / AWS Elastic Beanstalk / Amazon API Gateway / AWS CloudFormation services to integrate AWS Certificate Manager. We are not using any of these services in our application.

Thanks, Subhadeep

1
Is your Windows EC2 instance associated with a domain? If you have a domain, you may associate it via Route 53. Then, you may use any SSL certificate you want (certainly an AWS private cert should also work). - Tim Biegeleisen
Many thanks for the reply. The Windows EC2 instance is associated with a domain (via Route 53). So we can simply create the certificate using the AWS console and place it in the appropriate location inside the application to pick it up. We don't need any additional service to be configured (like ACM) for this. - subhadeep dutta gupta
Not sure of your exact setup, but I just finished configuring a Tomcat instance running on a Linux EC2 node associated with a domain via Route 53, and when I imported the SSL cert into Tomcat everything just worked. - Tim Biegeleisen

1 Answer

3
votes

ACM Private CA certificates can be used with any platform, inside or outside of AWS, but this service creates a private certificate authority -- for use in a private infrastructure, like a corporate network.

This is not something used for public web sites.

A private CA handles the issuance, validation and revocation of private certificates within a private network (i.e. not the public internet).

https://aws.amazon.com/certificate-manager/faqs/#acm-private-ca
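
The trust boundary described in the answer above, as an added example that is not part of the original answer: a server certificate issued by a private root validates only for clients whose trust store contains that root. It assumes the `openssl` CLI is installed; the two throwaway CAs and the hostname `app.corp.example` are constructed stand-ins, not ACM Private CA itself.

```shell
#!/bin/sh
# Constructed demo: CA names, hostname and lifetimes are made up.
# "private-root" stands in for a private CA root; "other-root" stands in
# for a client trust store that does not contain it.

# make_ca DIR NAME: create a self-signed root CA (key + cert) in DIR.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

# issue_leaf DIR CA HOST: create a key and CSR for HOST, then sign it with CA.
issue_leaf() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -days 7 -out "$1/$3.pem" 2>/dev/null
}

# trusted_by ROOT CERT: succeed only if CERT chains to the given ROOT.
trusted_by() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# demo: issue one server cert and check it against both trust stores.
demo() {
    d=$(mktemp -d) || return 1
    make_ca "$d" private-root
    make_ca "$d" other-root
    issue_leaf "$d" private-root app.corp.example
    leaf="$d/app.corp.example.pem"
    if trusted_by "$d/private-root.pem" "$leaf"; then in=yes; else in=no; fi
    if trusted_by "$d/other-root.pem" "$leaf"; then out=yes; else out=no; fi
    rm -rf "$d"
    echo "client with private root: $in; client without it: $out"
}

demo
```

Clients inside the private network pass validation once the private root is distributed to their trust stores; any client without it rejects the same certificate.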