Cloud giant Amazon has announced that it is offering free Transport Layer Security (TLS) and Secure Socket Layer (SSL) security certificates. The company, whose head office is in Seattle, Washington, United States, was established in 1995. Initially a force in online shopping, the company morphed into the leader in the cloud storage and computing arena, competing with the likes of Google Cloud Platform, Microsoft Azure, and IBM SoftLayer. Amazon’s move is intended to offer the company an advantage in what has become a very competitive playing field.
TLS and SSL certificates offer websites a layer of security that offers visitors reassurance on the safety of a website by displaying a padlock icon in the address bar of a browser. The bulk of providers offer such certificates for anything up $50 per year. Amazon’s free certificates are being made available though the recently launched Amazon Certificate Manager (ACM). Unfortunately ACM is only available in Amazon’s US East (Northern Virginia) region but the company is working towards making it more generally available.
“SSL/TLS is a must-have whenever sensitive data is moved back and forth,” explained Chief Evangelist at Amazon Web Services, Jeff Barr on the company’s blog. “For example, sites that need to meet compliance requirements such as PCI-DSS, FISMA, and HIPAA make extensive use of SSL/TLS. Certificates are issued to specific domains by Certificate Authorities, also known as CAs. When you want to obtain a certificate for your site, the CA will confirm that you are responsible for the domain. Then it will issue a certificate that is valid for a specific amount of time, and only for the given domain (subdomains are allowed). Traditionally, you were also responsible for installing the certificate on your system, tracking expiration dates, and getting fresh certificates from time to time (typically, certificates are valid for a period of 12 months)”.