How to secure a website hosted on AWS using a free SSL Certificate from AWS Cert Manager (ACM).

TABLE OF CONTENT
1. Introduction2. What is HTTPS3. Step by Step Guide The AWS Certificate Manager: How to Use It Steps to Provide ACM SSL Certificate6. Limitations of ACM7. Advantages of ACM8. Conclusion 9. Conclusion 9. Introduction
How much do you trust a website that requires users to log in or provide sensitive financial information?
We have seen so many instances where credit card numbers were hacked and misused. Are our customers ever able to verify that the website they plan to pay at is secure and trustworthy? How can we ensure that the customer feels secure when they provide this information on our website
We need to make sure that our website is protected with HTTPS in order to overcome all these business challenges.
2. What is HTTPS?
HTTP is the networking protocol that allows client-server communication over a network. HTTPS is the secure version of the HTTP protocol. Secured stands for Secured.
HTTPS is a secure and safe site
The browser and the website communicate securely using encryption
SSL (Secure Sockets layer) port 443 is used for communication between the browsers and websites
SSL is a term that is commonly used to describe the security of a website. This industry standard is used to protect websites and online transactions. SSL is a way to ensure that all information sent over the internet between the browser and our website is encrypted.

Multiple DNS service providers offer SSL Certificates for domains purchased through them.
3. Step by Step Guide
Step 1: Create an IP address unique to your server.
Step 2: Create a Certificate Signing request (CSR) and a private key to the SSL Certificate. Then, give it to a Certificate Authority. The market’s major CA players are DigiCert and Let’s Encrypt, DigiCert and Comodo. These third-party CAs charge a yearly fee for SSL Certificates. GoDaddy charges Rs.549 for the first year and Rs. 2,400/year
Step 3: Provide the appropriate information to the CA in order for your domain to be validated.
Step 4: After validation, the SSL Certificate is issued by CA. Activate the certificate
Step 5: Install the certificate to the server hosting the website.
Step 6: Change the website configurations in order to use HTTPS.
Step 7: SSL Certificates must be renewed. Keep track of when the certificate expires to renew it.
You can now leverage AWS Cloud as a Certificate Authority if your infrastructure is hosted on AWS Cloud with the service AWS Certificate Manager.
4. The AWS Certificate Manager can be leveraged:
AWS offers a service that makes it easy to provision, manage and deploy SSL/TLS Certificates. These SSL Certificates are available for websites hosted on AWS services. ACM allows you to import SSL Certificates into ACM and use them in your applications.
The overhead of uploading, maintaining, and renewing SSL Certificates is more than just procuring the SSL Certificate from a third party. AWS takes care of the management SSL Certificates with ACM.
It takes just a few clicks to get an SSL Certificate from AWS Certificate Manager. Follow the steps below:
Please provide the domain name of the website/application for which SSL Certificate is required.
Validate the domain name
Domain owner must approve validation request
ACM Certificate is ready and available to be used with other AWS Services
5. Steps to Get an ACM SSL Certificate

1. Enter the domain name

2. Validation of domain names:
The validation confirms that the domain we are asking for the certificate is actually owned. Two methods are available to validate domain owners:
DNS Validation
Email Validation
DNS Validation
i. Choose th

Author: Kody