How can I configure ACM certificates for my website hosted on an EC2 instance?

Last updated: 2020-01-16

I want to configure AWS Certificate Manager (ACM) certificates for my website hosted on an Amazon Elastic Compute Cloud (Amazon EC2) instance.

Short Description

You can't export an Amazon Issued ACM public certificate for use on an EC2 instance because ACM manages the private key. For more information, see ACM Private Key Security.

Resolution

You can use SSL/TLS encryption for communication by putting your Amazon EC2 instance behind a service that integrates with ACM, such as Elastic Load Balancing (ELB) or an Amazon CloudFront distribution.

Before you begin, follow the instructions to Request a Public Certificate.

Note: ACM certificates must be requested or imported in the same AWS Region as your ELB. For CloudFront distributions, the certificate must be requested in the US East (N. Virginia) Region.

Create an Application Load Balancer (ALB), Network Load Balancer (NLB), Classic Load Balancer (CLB), or CloudFront distribution

Note: If you already created an ALB, NLB, CLB, or CloudFront distribution, you can skip these steps.

Associate the certificate with an ELB or configure with a CloudFront distribution

Put the Amazon EC2 instance behind your ELB or CloudFront distribution

Route traffic to your ELB or CloudFront distribution
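
The steps above for the Application Load Balancer case, written as a CloudFormation template. This is an added example, not part of the original article: all parameter and logical resource names are assumptions. It assumes the certificate already exists in the stack's Region and that the instance serves HTTP on port 80.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: ALB terminating TLS with an ACM certificate in front of one EC2 instance (illustrative)
Parameters:
  CertificateArn: {Type: String}                             # ACM certificate, same Region as this stack
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  SubnetIds: {Type: "List<AWS::EC2::Subnet::Id>"}            # public subnets in at least two AZs
  AlbSecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}  # allows inbound 443
  InstanceId: {Type: "AWS::EC2::Instance::Id"}               # should accept port 80 only from the ALB group
  HostedZoneId: {Type: "AWS::Route53::HostedZone::Id"}
  DomainName: {Type: String}                                 # a name covered by the certificate
Resources:
  LoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Type: application
      Scheme: internet-facing
      Subnets: !Ref SubnetIds
      SecurityGroups:
        - !Ref AlbSecurityGroupId
  InstanceTargets:                      # puts the EC2 instance behind the load balancer
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP                    # TLS ends at the ALB; ALB-to-instance traffic is plain HTTP
      Port: 80
      TargetType: instance
      Targets:
        - Id: !Ref InstanceId
  HttpsListener:                        # associates the ACM certificate with the load balancer
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer
      Protocol: HTTPS
      Port: 443
      SslPolicy: ELBSecurityPolicy-TLS-1-2-2017-01
      Certificates:
        - CertificateArn: !Ref CertificateArn
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref InstanceTargets
  DnsAlias:                             # routes traffic for the domain to the load balancer
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref HostedZoneId
      Name: !Ref DomainName
      Type: A
      AliasTarget:
        DNSName: !GetAtt LoadBalancer.DNSName
        HostedZoneId: !GetAtt LoadBalancer.CanonicalHostedZoneID
```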