Request Public Certificate dengan ACM

Tutorial kali ini akan membahas cara menggunakan Console ACM atau AWS CLI untuk request publik sertifikat dengan ACM Sebelum memulai pastikan Anda sudah mempunyai domain karena proses validasi sertifikat akan menggunakan DNS

AWS CLI

Request sertifikat

aws acm request-certificate --domain-name www.example.com \
--validation-method DNS

$ aws acm request-certificate --domain-name awo.autoscale.my.id --validation-method DNS
{
    "CertificateArn": "arn:aws:acm:us-east-1:012345678901:certificate/23ec1d51-dbd3-4408-ae87-ea7f38b3c34e"
}

Cek CNAME

$ aws acm describe-certificate --certificate-arn arn:aws:acm:us-east-1:012345678901:certificate/23ec1d51-dbd3-4408-ae87-ea7f38b3c34e
{
    "Certificate": {
        "CertificateArn": "arn:aws:acm:us-east-1:012345678901:certificate/23ec1d51-dbd3-4408-ae87-ea7f38b3c34e",
        "DomainName": "awo.autoscale.my.id",
        "SubjectAlternativeNames": [
            "awo.autoscale.my.id"
        ],
        "DomainValidationOptions": [
            {
                "DomainName": "awo.autoscale.my.id",
                "ValidationDomain": "awo.autoscale.my.id",
                "ValidationStatus": "SUCCESS",
                "ResourceRecord": {
                    "Name": "_719e38dbc8c86de0bfbe624009e35fca.awo.autoscale.my.id.",
                    "Type": "CNAME",
                    "Value": "_7fbc8b7723ed0e5d67b6bc5f758668a0.kqlycvwlbp.acm-validations.aws."
                },
                "ValidationMethod": "DNS"

Selanjutnya validasi dengan cara menambahkan record CNAME tersebut pada kelola DNS pada domain Anda

Apabila validasi sukses maka status akan berubah menjadi ISSUED

$ aws acm list-certificates | head
{
    "CertificateSummaryList": [
        {
            "CertificateArn": "arn:aws:acm:us-east-1:012345678901:certificate/23ec1d51-dbd3-4408-ae87-ea7f38b3c34e",
            "DomainName": "awo.autoscale.my.id",
            "SubjectAlternativeNameSummaries": [
                "awo.autoscale.my.id"
            ],
            "HasAdditionalSubjectAlternativeNames": false,
            "Status": "ISSUED",

Console ACM

Request sertifikat

Buka ACM console

Pilih tab request certificate dan pilih Request a public certificate

request public certificate

Masukan nama domain dan pilih Validation method DNS

pilih validasi

Key algorithm pilih RSA 2048 lalu klik request

pilih key algorithm

Cek CNAME

Klik List certificates dan pilih Certificate ID

pilih certificate

Selanjutnya copy CNAME ke kelola DNS

copy cname

Jika sudah tinggal menunggu sertifikat issued

tunggu certificate issue