Can I use the new free SSL/TLS AWS certificates without ELB or Beanstalk on plain EC2?

Q: Can I use certificates on Amazon EC2 instances or on my own servers?

No. At this time, certificates provided by ACM can only be used with specific AWS services.


Q: With which AWS services can I use certificates provided by ACM?

You can use ACM with the following AWS services:

• Elastic Load Balancing

• Amazon CloudFront

• AWS Elastic Beanstalk

• Amazon API Gateway

• AWS CloudFormation

https://aws.amazon.com/certificate-manager/faqs/

The certificates created by Amazon Certificate Manager (ACM) have corresponding private keys that are stored securely within the AWS infrastructure and are not accessible to you... which means you can't deploy these certs directly on systems you have direct access to, like EC2 servers.

You can only use them on services front-ended by Elastic Load Balancer, CloudFront, or both. As CloudFront, unlike ELB, has no monthly baseline cost, it seems like this would be a usable alternative for you, since cost is usually the motivation for not using ELB.


You can use free LetsEncrypt SSL certificates with single instance Elastic Beanstalk: http://bluefletch.com/blog/domain-agnostic-letsencrypt-ssl-config-for-elastic-beanstalk-single-instances/