ACM Private CA

  • A certificate authority (CA) certificate affirms the identity of the CA and binds it to the public key that is contained in the certificate.

  • You can use ACM Private CA to create a private root CA or a private subordinate CA, each backed by a CA certificate.

  • Subordinate CA certificates are signed by another CA certificate higher in a chain of trust.

  • But in the case of a root CA, the certificate is self-signed.

  • You can also establish an external root authority (hosted on-premises, for example).

  • You can then use your root authority to sign a subordinate root CA certificate hosted by ACM Private CA.

  • ACM Private Certificate Authority is a managed private CA service that extends ACM certificate management to private certificates.

  • With private certificates, you can authenticate resources inside an organization.

    • Private certificates allow entities like users, web servers, VPN users, internal API endpoints, and IoT devices to prove their identity and establish encrypted communications channels.

      • With ACM Private CA, you can create complete CA hierarchies, including root and subordinate CAs, without the investment and maintenance costs of operating your own certificate authority.

  • ACM Private CA gives you complete, cloud-based control over your organization's private PKI (public key infrastructure), extending from a root certificate authority (CA), through subordinate CAs, to end-entity certificates.

PreviousCloudWatch TroubleshootingNextFirewall Manager

Last updated