Likelihood to Recommend I would always recommend AWS Certificate Manager for anyone using AWS cloud services. The perfect scenario would be with your domain managed by AWS Route 53 as you can obtain auto renewal of certificates with really good security for all your public facing application that uses CloudFront, ALB or API Gateway.
Read full review I would recommend OpenSSL for just about any kind of cryptographic operations that you may need. I can't think of a particular situation where it would not be appropriate to use OpenSSL for a cryptographic function of some sort or another. If you are going to provide some sort of encryption service in a product, OpenSSL is probably the best way to get it off the ground and going. With other competitors, you may get it working, but I fear long term support and interoperability will be an issue.
Read full review Pros easy to generate ssl certificates free ssl certificates ability to import private ssl certificates integrates well with other AWS services Read full review integrates into just about everything codebase is well managed and follows predictable paths although there are alternatives, OpenSSL is vastly better supported Read full review Cons It doesn't support automatic domain verification with other domain name services. Limited to AWS only, Certificates issued by ACM can be used with AWS managed services only. If you are having multi-region infrastructure then you'll need to issue an SSL certificate for a domain in each region. Read full review the entire project could be completely refactored while preserving the library apis the documentation on command line usage is not usually the best code examples are not very well explained Read full review Usability AWS historically has had very confusing interfaces. But in recent times they have improved them. AWS Certificate Manager is a clear sample of this. The interface is clear and straightforward, with no useless or cryptic options. Really I can't think of a way the interface could be better with the actual options available.
Read full review Support Rating They do a great job.
Read full review Alternatives Considered Easy to implement within a few clicks, or even from command line, the alternatives doesn't integrate that easy with AWS Application Load Balancers or AWS CloudFront
Read full review LibreSSL is another option to OpenSSL, however, the sheer volume of other applications using OpenSSL and the wide support for it makes OpenSSL a compelling product.
Read full review Return on Investment switching from paid expensive SSL certificates to free ones generated by ACM quick deployment and validation of certificates integration with other AWS services Read full review roi is hard to measure for openssl. It's not that it doesn't provide a significant roi, but it is in the background of an application, not the foreground. Read full review ScreenShots