Free SSL Certs with AWS Certificate Manager and your DNS

Brian Winkers
3 min read · Oct 20, 2020

The second in a short series on using AWS managed services for domain parking. This article covers using AWS Certificate Manager and existing DNS services to get FREE SSL certs.

I’ve used Let’s Encrypt in the past to serve content under SSL without shelling out another $50 per year for a commercial SSL cert. It works great but requires a bit of effort to set up and tend.

To keep things simple I request certs under the root and the wildcard domain. That reduces the number of host records I will need to create and supports www. just fine. If I were going to serve a commercial site under www. I would use that hostname as the primary in the cert request.

Costs

The cost for this stage is zero. There are no per-domain costs and no monthly or yearly costs. This assumes the domain registrar provides free DNS in the yearly registration fee.

Request Cert

Create a public certificate

Choose “Request a public certificate”

Enter the root and wildcard domain names.

Enter root and wildcard(*) domain

Choose DNS validation

Add whatever tags you want.

Add desired tags

Review and confirm

Review before confirming

Get the Validation DNS records you will need to create.

One or more CNAME records depending upon how many names are in the cert request.

Add DNS Records

Enom

Add a new row in DNS and define the CNAME record(s)

Dynadot

Make sure you are using “Dynadot DNS” and then create a Subdomain record for the validation CNAME.

Create a subdomain record for the validation CNAME

Directi
https://manage.resellerclub.com/

Update the nameservers to the registrar agent’s DNS servers.

Create CNAME record for the validation host.
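
An added example (not from the original article): a Python helper that turns the validation records ACM returns into the rows you type into a registrar's DNS form, where the host field usually takes only the part left of the domain. It assumes the JSON shape of `aws acm describe-certificate`; the sample response, `example.com`, both tokens and the function name `registrar_rows` are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws acm describe-certificate` output.
# The domain and both tokens are placeholders, not real validation values.
SAMPLE = json.loads("""
{"Certificate": {"DomainName": "example.com", "DomainValidationOptions": [
  {"DomainName": "example.com", "ValidationStatus": "PENDING_VALIDATION",
   "ResourceRecord": {"Name": "_constructedtoken1.example.com.", "Type": "CNAME",
                      "Value": "_constructedtoken2.acm-validations.aws."}},
  {"DomainName": "*.example.com", "ValidationStatus": "PENDING_VALIDATION",
   "ResourceRecord": {"Name": "_constructedtoken1.example.com.", "Type": "CNAME",
                      "Value": "_constructedtoken2.acm-validations.aws."}}
]}}
""")


def registrar_rows(response, zone):
    """Return (rows, not_ready): unique records to create, and names with no record yet."""
    zone = zone.rstrip(".").lower()
    rows, not_ready = {}, []
    for opt in response["Certificate"].get("DomainValidationOptions", []):
        record = opt.get("ResourceRecord")
        if record is None:
            # The record can be missing for a short while right after the request.
            not_ready.append(opt["DomainName"])
            continue
        fqdn = record["Name"].rstrip(".").lower()
        if not fqdn.endswith("." + zone):
            raise ValueError(f"{fqdn} is not inside zone {zone}")
        # Many registrar forms append the zone themselves, so pass only the
        # label(s) left of it; pasting the full name would create
        # _token.example.com.example.com, which never validates.
        host = fqdn[: -(len(zone) + 1)]
        key = (host, record["Type"], record["Value"])
        # Root and wildcard names can share one record; create it only once.
        row = rows.setdefault(key, {"host": host, "type": record["Type"],
                                    "target": record["Value"], "covers": []})
        row["covers"].append(opt["DomainName"])
    return list(rows.values()), not_ready


if __name__ == "__main__":
    rows, not_ready = registrar_rows(SAMPLE, "example.com")
    for row in rows:
        print(f'{row["type"]}  host={row["host"]}  target={row["target"]}  covers={row["covers"]}')
    print("no record published yet for:", not_ready or "none")
```

Some registrar forms want the CNAME target without its trailing dot, so check how the saved record is displayed before waiting on validation.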

Wait patiently…

No advice here, this isn’t my strong suit. It can take from 20 minutes to days. Most have been within a few hours.

Note: If you’ve used the domain in another AWS account you may have issues if there are any lingering records.

Use the Certificates

The certificates can be used with the following AWS services:

  • Elastic Load Balancing
  • Amazon CloudFront
    Note:
    To use an ACM certificate with CloudFront, you must request or import the certificate in the US East (N. Virginia) region.
  • AWS Elastic Beanstalk
  • Amazon API Gateway
  • AWS CloudFormation

Certificate vector created by upklyak — www.freepik.com
