AWS Certificate Manager Integration Guide

Introduction

This Integration Guide is intended to help customers integrate EJBCA Cloud with AWS Certificate Manager (ACM).

ACM requires that you have a Root Certificate Authority (CA) already defined within your organization. By leveraging EJBCA Cloud, you can have a CloudHSM-backed Root CA server with secure key storage from a legitimate PKI product. You no longer need to protect your keys with hacked-together CA servers, or even rely on soft keys with OpenSSL.

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services. With AWS Certificate Manager, you can quickly request a certificate, deploy it on ACM-integrated AWS resources, such as Elastic Load Balancers, Amazon CloudFront distributions, and APIs on API Gateway, and let AWS Certificate Manager handle certificate renewals.

Leveraging EJBCA Cloud in your organization can support various additional use cases, all from the AWS environment. By creating additional issuing CAs to issue certificates to users, computers, personal devices, and even IoT devices, EJBCA Cloud lets you define granular policies for certificate use for Client Certificates, Server Certificates, Code Signing Certificates, Disk Encryption Certificates, PIV Card Certificates and more.

Documentation

This EJBCA Cloud Documentation applies to the latest EJBCA Cloud version. For documentation on previous versions, refer to the PrimeKey EJBCA Cloud download area.

For the latest EJBCA Enterprise documentation, see EJBCA Documentation.