All APIs
AWS Certificate Manager logo

AWS Certificate Manager

AWS Certificate Manager

UpOpen Sourcecloudby Amazon Web Services62· JavaScript· MIT

AWS Certificate Manager (ACM) API issues and manages SSL/TLS certificates — free public certificates, private CA management, auto-renewal, AWS service integration.

Visit site ↗Source ↗Health checked 12h ago
Use it when

Public certificates are completely free

Watch for

ACM certs are usable only on AWS services (cannot be downloaded for self-managed EC2 nginx)

First check

POST /acm/RequestCertificate to request a certificate. DNS validation: add the returned CNAME record to DNS; auto-issued after validation.

Auth
CORS
No
HTTPS
Yes
Signup
?
Latency
1254 ms
Protocol
REST
Pricing
Stars
62

Uptime · 30-day window

Probes: 30Uptime: 97%Avg latency: 1190ms

GitHub activity

62JavaScriptMIT17 open issuesLast commit 155d ago
01

About this API

ACM solves two major pain points of HTTPS certificate ops: cost (public SSL certs used to cost annually) and renewal (manual renewals were forgotten, causing outages). AWS productized something like Let's Encrypt — if your site runs on AWS (ALB, CloudFront, API Gateway), ACM issues certificates free, auto-binds them to resources, and auto-renews 60 days before expiry (for DNS validation). Downside: ACM certs are "bound" — you can't get the private key file, so they can't be used on self-managed nginx or non-AWS services. For downloadable certificates, use Let's Encrypt automation or ACM Private CA. For most AWS-hosted web apps, ACM is the out-of-the-box HTTPS standard.

02

What you can build

  • 1Provide HTTPS certs for ALB/CloudFront/API Gateway
  • 2Manage enterprise private CAs
  • 3Auto-renewal to prevent expiry incidents
  • 4Bulk certificate audit
03

Strengths & limitations

Strengths

  • Public certificates are completely free
  • Native integration with AWS services (ALB/CloudFront auto-binds)
  • Auto-renewal (DNS validation scenarios)
  • TLS private keys never exposed to users

Limitations

  • ACM certs are usable only on AWS services (cannot be downloaded for self-managed EC2 nginx)
  • Private CA service has monthly fee
04

Getting started

POST /acm/RequestCertificate to request a certificate. DNS validation: add the returned CNAME record to DNS; auto-issued after validation.

05

FAQ

Can I use ACM certs on self-managed nginx on EC2?+

Not directly (no private key access). Traffic must go through ALB or CloudFront first. Or use ACM Private CA (downloadable).

Are wildcard certificates supported?+

Yes. Request *.example.com — requires DNS validation.

06

Technical details

CORS: NoHTTPS: YesSignup: ?Open source: Yes
Auth type
unknown
Pricing
unknown
Protocols
REST
SDKs
python, javascript, go, java, csharp, php, ruby
Response time
1254 ms
Last health check
6/26/2026, 6:22:15 AM
07

Tags

awsacmssltlscertificate
08

More from Amazon Web Services

View all from Amazon Web Services →
Access Analyzer
62

AWS IAM Access Analyzer API analyzes IAM resource policies for over-privileged access or external access — proactively surfaces security risks.

Alexa For Business
62

Alexa for Business helps you use Alexa in your organization.

Amazon API Gateway
62

Amazon API Gateway helps developers deliver robust, secure, and scalable mobile and web application back ends.

Amazon AppConfig
62

Use AppConfig, a capability of Amazon Web Services Systems Manager, to create, manage, and quickly deploy application configurations.

Amazon Appflow
62

Welcome to the Amazon AppFlow API reference.

Amazon AppIntegrations Service
62

The Amazon AppIntegrations service enables you to configure and reuse connections to external applications.

Amazon AppStream
62

Amazon AppStream 2.0 API Reference.

Amazon Athena
62

Amazon Athena is an interactive query service that lets you use standard SQL to analyze data directly in Amazon S3.