在亚马逊云服务（Amazon）上，利用Amazon Certificate Manager (ACM) 为你的应用获取并管理免费的SSL/TLS证书，是一种既安全又经济的做法。下面是如何通过命令行终端（使用Amazon CLI）来完成这一过程的详细指南，以及如何下载适用于Windows操作系统的AWS CLI V2的简要说明。

下载并安装AWS CLI V2 for Windows
访问下载页面：首先，通过提供的链接 https://awscli.amazonaws.com/AWSCLIV2.msi 访问AWS CLI V2的Windows安装程序。
安装AWS CLI：下载完成后，双击运行AWSCLIV2.msi文件，遵循安装向导的指示完成安装过程。确保在安装过程中选择“Add the AWS CLI to the system PATH”选项，以便在任何命令行终端中都能直接使用aws命令。
配置AWS CLI：安装完成后，打开命令提示符或PowerShell，运行aws configure命令来配置AWS CLI。按照提示输入你的AWS Access Key ID、Secret Access Key、默认区域和输出格式。
使用AWS CLI申请免费域名证书
登录AWS账户：在命令行中，确保你已通过aws configure命令配置了AWS CLI。
1.申请证书：使用以下命令开始证书的申请流程。请将YOUR_DOMAIN_NAME替换为你希望保护的实际域名。
Bash
aws acm request-certificate \
    --domain-name YOUR_DOMAIN_NAME \
    --validation-method DNS \

    --subject-alternative-names "www.YOUR_DOMAIN_NAME"

这里使用DNS验证方法，你需要在你的DNS提供商处创建必要的DNS记录来验证你对域名的所有权。

申请完毕后在这里也能看见，但是不能导出证书用在自建的nginx等web服务器

2.查看证书详情和状态： 申请后，你可以使用以下命令检查证书的详细信息及当前状态，包括需要添加到DNS记录中的验证CNAME值。
Bash
aws acm describe-certificate --certificate-arn arn:aws:acm:REGION:ACCOUNT_ID:certificate/CERTIFICATE_ID

其中arn:aws:acm:REGION:ACCOUNT_ID:certificate/CERTIFICATE_ID是之前申请证书时返回的ARN。

3.导出证书

C:\Users\Administrator>aws configure
AWS Access Key ID [None]: AKIA47CRVPBAXENTTRRZ
AWS Secret Access Key [None]: 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
Default region name [None]: ap-northeast-1
Default output format [None]:

C:\Users\Administrator>aws acm  get-certificate --certificate-arn   arn:aws:acm:ap-northeast-1:891376990273:certificate/454172f2-f6e3-4512-86d4-75e19c26eb8a
{
    "Certificate": "-----BEGIN CERTIFICATE-----\nMIIFyzCCBLOgAwIBAgIQC9JgAwhAROKkK6vmCCpdHDANBgkqhkiG9w0BAQsFADA8\nMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g\nUlNBIDIwNDggTTAyMB4XDTI0MDYyNDAwMDAwMFoXDTI1MDcyMzIzNTk1OVowGzEZ\nMBcGA1UEAxMQd2wxMDAzLndscGhwLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP\nADCCAQoCggEBALQn9LpwEqenvWYVwPMQCqv4EwJc1VTXYp1dp+2gZI7MjfwUMU1L\nMssgPNrVEP/LAfJhD2q3CKgZhj67RoADG6DYQAJ3I3QBGf5R/5QyCeRqdUcwnrwv\nuFe3R1pbRZu3ClRECVd9UJ0XqQL7tC3msSxT/22GnDKJjBCMhRkLllIDpPSBkAHa\nKxhKkktOps64SRC1YYeW+IXiorc2+QZ4op9ZKCaaBLeAJJGNxGxcR3zfw9R9mfmk\ngi5EHgNxkuz6L+0a/7HpLz7OB+6wwtUcz1XNLieRoDSlp7aYnug6LWhW41atCMow\nbRwd/5vAc3bscM5pX6VbnuSstMPvrQ6IhIsCAwEAAaOCAugwggLkMB8GA1UdIwQY\nMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBT+MgZ5PwUxQfaJ+g+y\nPVFVy0jLLTAbBgNVHREEFDASghB3bDEwMDMud2xwaHAuY29tMBMGA1UdIAQMMAow\nCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\nKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6\nb250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw\nAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC\nhipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYD\nVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUAEvFONL1TckyE\nBhnDjz96E/jntWKHiJxtMAWE6+WGJjoAAAGQSaDVHAAABAMARjBEAiAJnbq9vEWW\naO0WPrFET/z9UbqWEKFGVsfZawUEQQdCfwIgLzEcg7iQbq0dr+lSchQl/V7EyGk5\nCWSzeilxQXyRl7oAdgB9WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAA\nAZBJoNTWAAAEAwBHMEUCIEV2/R44+JdWA7tNIjqV9V74CTxx+19eoYL4PQCF6XTw\nAiEA0TaAmVlgqoD5ZBY1RPo7KLf4wmbPWGBOj729HZNF9d8AdgDm0jFjQHeMwRBB\nBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAZBJoNUDAAAEAwBHMEUCIE3RnLXfWeMK\neylpDCAC1UVJlOLx5J8IE1tu2vWt9V76AiEA6b4dZaNfpIHiiW0C2aIIAHedAD8K\nWHOoMY3GyEK8+hIwDQYJKoZIhvcNAQELBQADggEBACs7YDgTzqR+12ipMyKIYRf7\niWb4UDH231Fy2wRLV6dlVzOnrCagc4+vAlzXzdT0MLmBncITMFzJHllJr1SGkF+3\nQEiWf6/mRlhUbfs3VqTz0mrauZnG6rGrIVussQs5Iq58AA5s1HL6r3Mnsuj0/nV/\n0ehGnu9OiMyjkn+tS3kMUVKaqYrvCluhvefHyOWvu0oJnY6CMXaCSpf3RLIUQmZa\nkDxWkpS9CZgRxbmF2zJfL7kSXZ2QUp/b4M8/LRQhwrv2nNFrMlIjmJ+zqY6Oidq0\nghpHEs/cBikx1NVIk3k872/IW8/MoKPt3JtULcUBv5mE8sb7V1JZrmf30Ocg+Eo=\n-----END CERTIFICATE-----\n",
    "CertificateChain": "-----BEGIN CERTIFICATE-----\nMIIEXjCCA0agAwIBAgITB3MSSkvL1E7HtTvq8ZSELToPoTANBgkqhkiG9w0BAQsF\nADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\nb24gUm9vdCBDQSAxMB4XDTIyMDgyMzIyMjUzMFoXDTMwMDgyMzIyMjUzMFowPDEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEcMBoGA1UEAxMTQW1hem9uIFJT\nQSAyMDQ4IE0wMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtDGMZa\nqHneKei1by6+pUPPLljTB143Si6VpEWPc6mSkFhZb/6qrkZyoHlQLbDYnI2D7hD0\nsdzEqfnuAjIsuXQLG3A8TvX6V3oFNBFVe8NlLJHvBseKY88saLwufxkZVwk74g4n\nWlNMXzla9Y5F3wwRHwMVH443xGz6UtGSZSqQ94eFx5X7Tlqt8whi8qCaKdZ5rNak\n+r9nUThOeClqFd4oXych//Rc7Y0eX1KNWHYSI1Nk31mYgiK3JvH063g+K9tHA63Z\neTgKgndlh+WI+zv7i44HepRZjA1FYwYZ9Vv/9UkC5Yz8/yU65fgjaE+wVHM4e/Yy\nC2osrPWE7gJ+dXMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD\nVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV\nHQ4EFgQUwDFSzVpQw4J8dHHOy+mc+XrrguIwHwYDVR0jBBgwFoAUhBjMhTTsvAyU\nlC4IWZzHshBOCggwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8v\nb2NzcC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDov\nL2NydC5yb290Y2ExLmFtYXpvbnRydXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8E\nODA2MDSgMqAwhi5odHRwOi8vY3JsLnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jv\nb3RjYTEuYMAowCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IB\nAQAtTi6Fs0Azfi+iwm7jrz+CSxHH+uHl7Law3MQSXVtR8RV53PtR6r/6gNpqlzdo\nZq4FKbADi1v9Bun8RY8D51uedRfjsbeodizeBB8nXmeyD33Ep7VATj4ozcd31YFV\nfgRhvTSxNrrTlNpWkUk0m3BMPv8sg381HhA6uEYokE5q9uws/3YkKqRiEz3TsaWm\nJqIRZhMbgAfp7O7FUwFIb7UIspogZSKxPIWJpxiPo3TcBambbVtQOcNRWz5qCQdD\nslI2yayq0n2TXoHyNCLEH8rpsJRVILFsg0jc7BaFrMnF462+ajSehgj12IidNeRN\n4zl+EoNaWdpnWndvSpAEkq2P\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsF\nADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj\nb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x\nOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1\ndGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL\nMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv\nb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj\nca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM\n9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw\nIFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6\nVOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L\n93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm\njgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/\nBAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAW\ngBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUH\nMAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUH\nMAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2Vy\nMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0\nLmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsF\nAAOCAQEAYjdCXLwQtT6LLOkMm2xF4gcAevnFWAu5CIw+7bMlPLVvUOTNNWqnkzSW\nMiGpSESrnO09tKpzbeR/FoCJbM8oAxiDR3mjEH4wW6w7sGDgd9QIpuEdfF7Au/ma\neyKdpwAJfqxGF4PcnCZXmTA5YpaP7dreqsXMGz7KQ2hsVxa81Q4gLv7/wmpdLqBK\nbRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN\n0FE6/V1dN2RMfjCyVSRCnTawXZwXgWHxyvkQAiSr6w10kY17RSlQOYiypok1JR4U\nakcjMS9cmvqtmg5iUaQqqcT5NJ0hGA==\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIEdTCCA12gAwIBAgIJAKcOSkw0grd/MA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV\nBAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIw\nMAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0\neTAeFw0wOTA5MDIwMDAwMDBaFw0zNDA2MjgxNzM5MTZaMIGYMQswCQYDVQQGEwJV\nUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UE\nChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZp\nZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi\nMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/\ny8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0N\nTm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRo\nOt+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0C\nzyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5J\nQ4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMB\nAAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0O\nBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtV\nrNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28u\nc3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1Ud\nHwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYG\nBFUdIAAwDQYJKoZIhvcNAQELBQADggEBACMd44pXyn3pF3lM8R5V/cxTbj5HD9/G\nVfKyBDbtgB9TxF00KGu+x1X8Z+rLP3+QsjPNG1gQggL4+C/1E2DUBc7xgQjB3ad1\nl08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt\n8jxwmKy6abaVd38PMV4s/KCHOkdp8Hlf9BRUpJVeE}



请注意，直接从Amazon Certificate Manager管理的证书不能直接导出。它们被设计为与Amazon服务（如Elastic Load Balancing, CloudFront等）无缝集成，无需手动管理证书文件。如果你的应用需要直接使用证书文件（例如，部署在非AWS服务上），你可能需要考虑使用其他方式获取或管理证书，比如Let's Encrypt或购买并自行管理的SSL证书。

然而，如果你的应用托管在AWS内部，并且需要使用ACM证书，你只需在相关AWS服务的配置中选择该证书即可，AWS会处理证书的部署和续期，无需手动导出或管理证书文件。