On June 17, 2025, AWS announced that AWS Certificate Manager (ACM) now supports exportable public SSL/TLS certificates, enabling secure traffic termination across AWS, hybrid, and multi-cloud workloads. This feature allows users to issue public certificates, access their private keys, and deploy them on any compute workload, from EC2 instances to on-premises servers.
Why It’s Useful
Flexibility Across Environments: Unlike traditional ACM certificates limited to AWS-integrated services like Elastic Load Balancers or CloudFront, exportable certificates can be used anywhere, simplifying TLS management for diverse infrastructures.
Streamlined Automation: ACM handles certificate issuance and renewal, reducing manual overhead. Users can export certificates via the AWS Management Console, CLI, or API, enabling seamless integration into automated workflows.
Enhanced Security: ACM employs strong encryption and key management best practices, ensuring private keys remain secure during export and deployment.
Economic Advantage
AWS’s pricing for exportable public certificates is highly competitive:
Standard Certificates: $15 per certificate issuance/renewal (valid for 395 days).
Wildcard Certificates: $149 per certificate issuance/renewal, covering unlimited subdomains.
API Calls: First 10,000 export-certificate API calls per month are free, with subsequent 10,000 calls at $0.50.
Compared to other providers like DigiCert or Sectigo, which often charge $50–$500+ annually per certificate depending on features (e.g., wildcard, extended validation), AWS’s flat pricing is cost-effective, especially for organizations managing multiple domains. Additionally, ACM’s free public certificates for AWS-integrated services remain an option for cost-conscious users, with exportable certificates adding flexibility for a modest fee.
Conclusion
AWS’s exportable public certificates combine flexibility, automation, and affordability, making ACM a compelling choice for organizations seeking to secure workloads across diverse environments without breaking the bank. For details, visit AWS Certificate Manager.
References
Top comments (0)