ACM PCA
Definition
AWS Certificate Manager Private Certificate Authority (ACM PCA) is a managed service that enables the creation and management of private certificate authorities (CAs) to issue and manage private SSL/TLS certificates for your organization. It allows for the automation of certificate issuance and renewal, helping to secure internal applications and services without the need for a public CA. ACM PCA integrates with other AWS services, providing a scalable and cost-effective solution for managing private certificates.
Secure Settings Example
{
  "CertificateAuthorityConfiguration": {
    "KeyAlgorithm": "RSA_2048",
    "SigningAlgorithm": "SHA256WITHRSA",
    "Subject": {
      "Country": "US",
      "Organization": "Example Corp",
      "OrganizationalUnit": "IT",
      "State": "California",
      "CommonName": "example.com"
    }
  },
  "RevocationConfiguration": {
    "CrlConfiguration": {
      "Enabled": true,
      "ExpirationInDays": 7,
      "S3BucketName": "example-crl-bucket"
    }
  }
}
Insecure Settings Example
{
  "CertificateAuthorityConfiguration": {
    "KeyAlgorithm": "RSA_1024",
    "SigningAlgorithm": "SHA1WITHRSA",
    "Subject": {
      "Country": "US",
      "Organization": "Example Corp",
      "CommonName": "example.com"
    }
  },
  "RevocationConfiguration": {
    "CrlConfiguration": {
      "Enabled": false
    }
  }
}
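Configuration Audit Example
As an added example (not part of the original page and not AWS code), the Python below audits a CA configuration for the three differences between the two examples above: key algorithm, signing digest and CRL settings. The function name, the approved-algorithm list and the 7-day CRL ceiling are assumptions of this example.

```python
import json

# Allow-list and thresholds are assumptions of this example, not AWS defaults.
APPROVED_KEY_ALGORITHMS = {"RSA_2048", "RSA_4096", "EC_prime256v1", "EC_secp384r1"}
WEAK_DIGESTS = ("SHA1", "MD5")
MAX_CRL_DAYS = 7  # matches ExpirationInDays in the page's secure example

def audit_ca_config(config: dict) -> list[str]:
    """Return one finding per weak setting; an empty list means the config passes."""
    findings = []
    ca = config.get("CertificateAuthorityConfiguration") or {}
    key_alg = ca.get("KeyAlgorithm")
    if key_alg not in APPROVED_KEY_ALGORITHMS:
        findings.append(f"KeyAlgorithm {key_alg!r} is not on the approved list")
    sig_alg = str(ca.get("SigningAlgorithm") or "")
    if not sig_alg or sig_alg.upper().startswith(WEAK_DIGESTS):
        findings.append(f"SigningAlgorithm {sig_alg!r} uses a weak or missing digest")
    # A missing RevocationConfiguration is treated the same as a disabled CRL.
    crl = (config.get("RevocationConfiguration") or {}).get("CrlConfiguration") or {}
    if crl.get("Enabled") is not True:
        findings.append("CRL is disabled: issued certificates cannot be revoked via CRL")
    else:
        if not crl.get("S3BucketName"):
            findings.append("CRL is enabled but no S3BucketName is set")
        days = crl.get("ExpirationInDays")
        if not isinstance(days, int) or not 1 <= days <= MAX_CRL_DAYS:
            findings.append(f"CRL ExpirationInDays {days!r} is outside 1..{MAX_CRL_DAYS}")
    return findings

# The page's two configurations, condensed (Subject omitted; it is not audited).
SECURE = json.loads("""{
  "CertificateAuthorityConfiguration":
    {"KeyAlgorithm": "RSA_2048", "SigningAlgorithm": "SHA256WITHRSA"},
  "RevocationConfiguration": {"CrlConfiguration":
    {"Enabled": true, "ExpirationInDays": 7, "S3BucketName": "example-crl-bucket"}}}""")
INSECURE = json.loads("""{
  "CertificateAuthorityConfiguration":
    {"KeyAlgorithm": "RSA_1024", "SigningAlgorithm": "SHA1WITHRSA"},
  "RevocationConfiguration": {"CrlConfiguration": {"Enabled": false}}}""")

if __name__ == "__main__":
    for name, cfg in (("secure", SECURE), ("insecure", INSECURE)):
        print(name, audit_ca_config(cfg) or "no findings")
```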