Skip to content

Request an SSL Certificate (ACM)

To enable secure HTTPS access for your static website, you must request an SSL/TLS certificate from AWS Certificate Manager (ACM). This certificate will later be attached to your CloudFront distribution.

  1. Sign in to the AWS Management Console and open the ACM console.

    Warning

    Ensure the certificate is requested in US East (N. Virginia) – us-east-1. CloudFront only accepts certificates provisioned in this region.

  2. Choose Request.

  3. Select Request a public certificate, then continue.

  4. Add the domain names you want to secure:

    Use Case Example
    Root domain example.com
    Subdomain www.example.com
    Additional hostname docs.example.com

    Note

    Wildcard domains such as *.example.com are supported if needed.

  5. Select a validation method. DNS validation is recommended.

    Tip

    DNS validation is secure, automated, and does not require manual certificate renewal.

  6. Select the encryption algorithm required for your environment.

  7. (Optional) Add tags if needed.

  8. Choose Request to submit the certificate request.

Domain Validation

Before ACM issues a certificate, you must validate that you own or control the domain names in your request. You can use email validation or DNS validation.

  • Email validation: ACM sends a validation email to the domain specified in the certificate request. If you specify a validation domain, ACM sends the email there instead.

  • DNS validation: ACM provides a CNAME record that you add to your DNS configuration.