I'm currently hosting my web app on AWS S3 and have my domain registered with Porkbun. They've provided me with free WHOIS privacy and free private certificates, but now I'm trying to secure my site using CloudFront. I've imported my certificates into AWS Certificate Manager (ACM), but CloudFront is giving me trouble, stating that I need a Certificate Authority (CA) within AWS. Do I really have to pay for AWS's Certificate Authority to get this working?
4 Answers
ACM's publicly signed certificates cost nothing and work great with CloudFront. If I were you, I'd just use AWS's certs instead of messing with third-party ones. They’ll save you time and hassle!
Hey there! I get the confusion. Check out these AWS docs they might clear things up for you: https://go.aws/43SMs0y and https://go.aws/4ekX9N4. Hope it helps!
Definitely go for ACM-generated certs! They're free and the verification process is pretty straightforward, as long as you can confirm you own the domain.
Using an AWS-provided certificate is a smart move; it's free and ensures compatibility with CloudFront! Just make sure to properly set the correct domains. As for Porkbun, their certificates might not work because CloudFront only accepts RSA certs, while Porkbun often fronts Let's Encrypt, which defaults to EC certs unless you run certbot yourself. I've done it using certbot to create an RSA cert which I then upload to ACM for CloudFront, so it’s doable!
Related Questions
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads