In this tech talk, you will learn how to deploy SSL/TLS across an organization, which requires both certificate and certificate authority (CA) management. We will review how to build a CA in AWS Certificate Manager (ACM) Private CA, share the CA across an organization using resource shares in AWS Resource Access Manager (RAM), and then issue certificates with fully managed renewal via ACM. For certificate administrators, we’ll talk about creating a CA, building appropriate security measures for the CA, and making the CA accessible to the teams and people who will issue certificates. Finally, we will discuss how to manage the certificate lifecycle across your organization.
You will learn how the combination of AWS Certificate Manager (ACM), ACM Private Certificate Authority (CA), and AWS Resource Access Manager (RAM) allows administrators and issuers to simplify the process while following security best practices, like separation of duties.