> AWS Certificate Manager (ACM) handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications. You can provide certificates for your [integrated AWS services](https://docs.aws.amazon.com/acm/latest/userguide/acm-services.html) either by issuing them directly with ACM or by [importing](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) third-party certificates into the ACM management system. ACM certificates can secure singular domain names, multiple specific domain names, wildcard domains, or combinations of these. ACM wildcard certificates can protect an unlimited number of subdomains. You can also [export](https://docs.aws.amazon.com/acm/latest/userguide/export-private.html) ACM certificates signed by ACM Private CA for use anywhere in your internal PKI. [^aws1] [^aws1]: https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html