How to manage Amazon ACM requests


This document provides information on how to manage Amazon ACM requests.

Get AWS access key ID and secret

  1. In your AWS account menu, locate the Security Credentials item.
  2. Locate the Access keys section, and select Create access key.
  3. Go to Retrieve access keys to copy the necessary data.

Configure account in Segura

  1. In Segura, access the menu Certificate Manager > Certificates Cloud > Account.
  2. Click the (⁝) icon and select New.
  3. Fill in the fields with the following information. Fields marked with an asterisk (*) are mandatory:
    • Name: user account identifier.
    • Enabled: Yes is selected by default.
    • Set the access data: select the field to enter the data below.
    • AWS access key ID: user application ID.
    • AWS secret access key: user application secret.
  4. Save.

Create Amazon ACM requests

Info

Creating requests requires a private certification authority (CA). At the moment, Segura only works with private CAs.

  1. In your AWS account, type Certificate Manager in the search field and click on the first service that appears.
  2. On the next screen, find and select Create a private CA.
  3. Fill in the configuration fields according to the company's needs.
  4. The CA will be created and made available by AWS.
  5. Under Actions, click Install CA certificate to enable the CA.
  6. On Segura, in the navigation bar, hover over the Products menu and select Certificate Manager.
  7. In the side menu, select Certificate Manager > Requests > SSL/TLS for Cloud.
  8. In the top right corner, click Add.
  9. In the Amazon Account * field, select the account created in Configure account in Segura.
  10. In the Region * field,
  11. In the CA * field,
  12. In the Domain name * field,
  13. In the Additional names table, click + Add to enter additional domain names.
  14. In the Tags table, click + Add to enter tags to help identify the request.
  15. Click Save.

Sign requests

  1. On Segura, in the navigation bar, hover over the Products menu and select Certificate Manager.
  2. In the side menu, select Certificate Manager > Requests > SSL/TLS for Cloud.
  3. In the desired request, click Actions > Request signature.
  4. In the Justification field, enter a justification for signing the request.
  5. In the Reason * field, select a reason for signing the request.
  6. In the Governance Code field, enter a governance code to help identify the request.
  7. In the Domain validation method * field, select a domain validation method.
  8. Click Save.

The certificate should appear on the AWS page with the Active status. On Segura, the new request will appear on the SSL/TLS Cloud requests report screen.

View certificates

  1. On Segura, in the navigation bar, hover over the Products menu and select Certificate Manager.
  2. In the side menu, select Certificate Manager > Certificates > SSL/TLS for Cloud.
  3. In the desired request, click Actions and see the following options:
    1. Certificate information.
    2. Change certificate.
    3. Request details.
    4. Certificate Renewal history.
    5. Disable: deactivate the certificate and consequently suspend the billing and operation.

Attention

The Accounts column on this screen shows how many accounts are linked to a single certificate. We strongly recommend reviewing this setting if your discovery reveals more than one account. Ideally, the certificate should have a single account to maintain the integrity of the cloud infrastructure.