AWS Certificate Manager (ACM) is a service provided by Amazon Web Services that lets you easily provision, manage, and deploy SSL/TLS certificates for use with other AWS services like Elastic Load Balancing, Amazon CloudFront, and AWS Elastic Beanstalk.
Here are the steps to create an SSL/TLS certificate using ACM:
- Log in to your AWS account.
- Open the AWS Management Console and navigate to the AWS Certificate Manager service.
- Click on “Request a certificate”.
- Enter the domain name for which you want to create the certificate. You can enter multiple domain names separated by commas. You can also choose to validate the domain ownership using DNS validation or email validation.
- Click on “Next”.
- Review the certificate request details and click on “Confirm and request”.
- After the certificate request is created, you need to validate the domain ownership. For DNS validation, you need to add a CNAME record to your domain’s DNS configuration. For email validation, you need to respond to the email that is sent to the domain’s administrative contact email address.
- Once the domain ownership is validated, the certificate will be issued and you can use it with other AWS services.
Now, let’s see how to create an SSL/TLS certificate using the AWS CLI:
- Install the AWS CLI on your machine.
- Open a terminal and run the following command to create a certificate request:
aws acm request-certificate --domain-name example.com --validation-method DNS
In the above command, replace example.com with your domain name. You can also choose EMAIL as the validation method.
- Run the following command to get the status of the certificate request:
aws acm describe-certificate --certificate-arn <certificate-arn>
In the above command, replace <certificate-arn> with the ARN of the certificate request.
- Validate the domain ownership using DNS or email validation.
- Once the domain ownership is validated, the certificate will be issued and you can use it with other AWS services.
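The describe-certificate output shows what is still needed before the certificate can be issued. The following Python is an added example, not from the original page: it reads a constructed sample shaped like that output (the ARN, domain names and record values are placeholders, and the function name validation_todo is made up for illustration) and lists the CNAME records still to create, plus the domains waiting on a record that is not yet populated or on an email reply.

```python
import json

# Constructed sample shaped like `aws acm describe-certificate` output;
# the ARN, domains and record values are placeholders, not real data.
SAMPLE = json.loads("""
{
  "Certificate": {
    "CertificateArn": "arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-ID",
    "Status": "PENDING_VALIDATION",
    "DomainValidationOptions": [
      {"DomainName": "example.com", "ValidationMethod": "DNS",
       "ValidationStatus": "SUCCESS",
       "ResourceRecord": {"Name": "_aaa.example.com.", "Type": "CNAME",
                          "Value": "_bbb.acm-validations.aws."}},
      {"DomainName": "www.example.com", "ValidationMethod": "DNS",
       "ValidationStatus": "PENDING_VALIDATION",
       "ResourceRecord": {"Name": "_ccc.www.example.com.", "Type": "CNAME",
                          "Value": "_ddd.acm-validations.aws."}},
      {"DomainName": "api.example.com", "ValidationMethod": "DNS",
       "ValidationStatus": "PENDING_VALIDATION"},
      {"DomainName": "mail.example.com", "ValidationMethod": "EMAIL",
       "ValidationStatus": "PENDING_VALIDATION"}
    ]
  }
}
""")


def validation_todo(described):
    """Return (status, records_to_create, waiting) for one certificate."""
    cert = described["Certificate"]
    records, waiting = [], []
    for opt in cert.get("DomainValidationOptions", []):
        if opt.get("ValidationStatus") == "SUCCESS":
            continue  # ownership already proven for this name
        rr = opt.get("ResourceRecord")
        if opt.get("ValidationMethod") == "DNS" and rr:
            records.append((rr["Name"], rr["Type"], rr["Value"]))
        elif opt.get("ValidationMethod") == "DNS":
            # Record not populated yet: re-run describe-certificate shortly.
            waiting.append((opt["DomainName"], "record not yet available"))
        else:
            waiting.append((opt["DomainName"], "reply to validation email"))
    return cert["Status"], records, waiting


if __name__ == "__main__":
    print(validation_todo(SAMPLE))
```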
Here are some other useful AWS CLI commands for ACM:
- List all certificates:
aws acm list-certificates
- Delete a certificate:
aws acm delete-certificate --certificate-arn <certificate-arn>
In the above command, replace <certificate-arn> with the ARN of the certificate to be deleted.
- Import a certificate:
aws acm import-certificate --certificate fileb://certificate.pem --private-key fileb://private-key.pem --certificate-chain fileb://certificate-chain.pem
In the above command, replace certificate.pem, private-key.pem, and certificate-chain.pem with the paths to the certificate, private key, and certificate chain files respectively. The fileb:// prefix makes the CLI read each file as raw bytes, which AWS CLI version 2 expects for these parameters.
That’s it! With these commands, you can easily create, manage, and deploy SSL/TLS certificates using AWS Certificate Manager.