AWS Certificate Manager "In use" status "No"

Question

I was imported SSL certificate using AWS Certificate manager and it will display In Use status as No and my Subdomain didn't work with https.

Below image displayed the status as I described. What was the reason for that?

Edit: I used Amazon EC2 with ubuntu box.

Answer 1

The AWS Certificate Manager provides SSL certificates for use in a limted set of AWS services:

From What Is AWS Certificate Manager?

You cannot install an ACM Certificate directly on your website or application. You must install your certificate by using one of the services integrated with ACM. For more information about these services, see Services Integrated with AWS Certificate Manager.

These integrated services are:

• Elastic Load Balancing
• Amazon CloudFront
• AWS Elastic Beanstalk
• Amazon API Gateway

It appears you have not configured your ACM SSL to be used in one of these services.

A common misconception is that you can use ACM SSL in any HTTP server on an instance - you cannot. You need to use an ELB infront of any webserver in order to properly configure HTTPS.

Answer 2

You need to go to CloudFront and modify your distribution to point to the new ACM Certificate that you just got. CloudFront will then pick up the new cert and deploy it to your distribution for you. ACM will then mark the certificate as "in use". As long as it's then "in-use", ACM will renew it for you and continue to update CloudFront.