AWS Certificate Manager Private Certificate Authority
User Guide (Version latest)

Creating and Managing a Private CA

Using ACM Private CA, you can create an entirely AWS-hosted private certificate authority (CA) for internal use by your organization. Both the root CA certificate and any subordinate CA certificates are stored and managed by ACM Private CA. The private key for your root authority is securely stored in AWS.

You can access ACM Private CA using the AWS Management Console, the AWS CLI, and the ACM Private CA API. The following topics show you how to use the console and the CLI. To learn more about the API, see the AWS Certificate Manager Private Certificate Authority API Reference. For Java examples that show you how to use the API, see Using the ACM Private CA API.