AWS Security Blog

Tag: OCSP

How to implement client certificate revocation list checks at scale with API Gateway

October 25, 2024: This post has been updated to include a reference to a sample implementation published on the AWS Samples GitHub repository. As you design your Amazon API Gateway applications to rely on mutual certificate authentication (mTLS), you need to consider how your application will verify the revocation status of a client certificate. In […]

Choosing the right certificate revocation method in ACM Private CA

AWS Certificate Manager Private Certificate Authority (ACM PCA) is a highly available, fully managed private certificate authority (CA) service that allows you to create CA hierarchies and issue X.509 certificates from the CAs you create in ACM PCA. You can then use these certificates for scenarios such as encrypting TLS communication channels, cryptographically signing code, […]