AWS Private Certificate Authority

AWS Private Certificate Authority is a managed private CA service that extends ACM certificate management to private certificates. With private certificates you can authenticate resources inside an organization. Private certificates allow entities like users, web servers, VPN users, internal API endpoints, and IoT devices to prove their identity and establish encrypted communications channels. With AWS Private CA, you can create complete CA hierarchies, including root and subordinate CAs, without the investment and maintenance costs of operating your own certificate authority.

With a private CA, you avoid many of the constraints that are imposed on public certificates and CAs. Using the AWS Private CA console and API operations, you can do the following:

Create certificates with any subject name you want.
Create certificates with any expiration date you want.
Use any supported private key algorithm and key length.
Use any supported signing algorithm.
Configure certificates in bulk using templates.

For more information about AWS Private CA, see the AWS Private Certificate Authority User Guide.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS Certificate Manager

Other AWS services