AWS Certificate Manager and Private Certificate Authority Support FIPS 140-2 Endpoints

When you connect to the FIPS endpoint in your chosen AWS Region all data subsequently transferred will only use FIPS validated encryption. These endpoints terminate Transport Layer Security (TLS) sessions using a FIPS 140-2 validated cryptographic software module, making it easier for you to use ACM and Private CA for regulated workloads. To use a FIPS-compliant connection, specify the FIPS endpoint when you connect to the ACM or Private CA API.

FIPS 140-2 validated endpoints for ACM and Private CA are available in US East (N. Virginia), US East (Ohio), US West (N. California), US West (Oregon), Canada (Central), and AWS GovCloud (US). For a list of regions where ACM and Private CA are available, see AWS Regions and Endpoints.

To get started with ACM or Private CA visit the ACM website.