How to request SSL certificate from AWS Certificate Manager? ACM

AWS Certificate Manager (ACM) handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications.

ACM service is for enterprise customers who need a secure web presence using TLS. ACM certificates are deployed through Elastic Load Balancing, Amazon CloudFront, Amazon API Gateway, and other integrated AWS services.

Pre Requisites:

  • Create CAA record in our DNS zone to avoid “The status of this certificate request is “Failed”. One or more domain names have failed validation due to a Certificate Authority Authentication (CAA) while requesting certificate.”

AWS Certificate Manager

Step 1: Sign into the AWS Management Console and open the ACM console at

Step 2: Choose Request a certificate.

Step 3: On the Request a certificate page, choose Request a public certificate and Request a certificate to continue.

Step 4: On the Add domain names page, type your domain name. You can use a fully qualified domain name (FQDN), such as, or a bare or apex domain name such as You can also use an asterisk (*) as a wild card in the leftmost position to protect several site names in the same domain. For example, * protects, and display.velaninfo.comthe wild card name will appear in the Subject field and the Subject Alternative Name extension of the ACM certificate.

Step 5: On the Select validation method page, choose either DNS validation or Email validation, depending on your needs.

Before ACM issues a certificate, it validates that you own or control the domain names in your certificate request. You can use either email validation or DNS validation.

If you choose email validation, ACM sends validation email to three contact addresses registered in the WHOIS database and to five common system administration addresses for each domain name. You or an authorized representative must reply to one of these email messages. For more information, see Using Email to Validate Domain Ownership.

If you use DNS validation, add a CNAME record provided by ACM to your DNS configuration. For more information about DNS validation, see Using DNS to Validate Domain Ownership.

Step 6: After choosing a validation method, choose Next.

Step 7: On the Add tags page, you can optionally tag your certificate. Tags are key/value pairs that serve as metadata for identifying and organizing AWS resources. For a list of ACM tag parameters and for instructions on how to add tags to certificates after creation, see Tagging AWS Certificate Manager Certificates.

Step 8: When you finish adding tags, choose Review.

If the Review page contains correct information about your request, choose Confirm and request. A confirmation page shows that your request is being processed and that certificate domains are being validated. Certificates awaiting validation are in the Pending validation state.

Step 9: Choose Continue to return to the ACM console. Your certificate will be ready in after successful validation.

We can use this certificated for AWS services required SSL.

At Velan, our server support engineers can help you check the Time to First Byte using CURL command. We troubleshoot problems like these for our clients every day. If you are interested in our service, please fill the Quick connect form to get in touch with us


Quick Connect With Us