AWS Certificate Manager | Certificates Flashcards
What should I do if I did not receive the approval email?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Refer to the ACM User Guide for troubleshooting suggestions.
Are certificates provided by ACM trusted by browsers, operating systems, and mobile devices?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Certificates provided by ACM are trusted by most modern browsers, operating systems, and mobile devices. ACM-provided certificates have 99% browser and operating system ubiquity, including Windows XP SP3 and Java 6 and later.
How can I confirm that my browser trusts certificates provided by ACM?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Browsers that trust certificates provided by ACM display a lock icon and do not issue certificate warnings when connected to sites that use certificates provided by ACM over SSL/TLS, for example using HTTPS.
Certificates provided by ACM are verified by Amazon’s certificate authority (CA). Any browser, application, or OS that includes the Amazon Root CA 1, Starfield Services Root Certificate Authority - G2, or Starfield Class 2 Certification Authority trusts certificates provided by ACM.
Can ACM provide certificates with multiple domain names?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Yes. Each certificate must include at least one domain name, and you can add additional names to the certificate if you want to. For example, you can add the name “www.example.net” to a certificate for “www.example.com” if users can reach your site by either name. You must own or control all of the names included in your certificate request.
What is a wildcard domain name?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
A wildcard domain name matches any first level subdomain or hostname in a domain. A first-level subdomain is a single domain name label that does not contain a period (dot). For example you can use the name *.example.com to protect www.example.com, images.example.com, and any other host name or first-level subdomain that ends with .example.com. Refer to the ACM User Guide for more details.
Can ACM provide certificates with wildcard domain names?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Yes.
Does ACM provide Organizational Validation (OV) or Extended Validation (EV) certificates?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Not at this time.
Does ACM provide certificates for anything other than SSL/TLS for websites?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Not at this time.
Can I use certificates provided by ACM for code signing or email encryption?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
No.
Does ACM provide certificates used to sign and encrypt email (S/MIME certificates)?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Not at this time.
What algorithms do certificates provided by ACM use?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
ACM certificates use RSA keys with a 2048-bit modulus and SHA-256.
Does ACM support elliptic curve (ECDSA) certificates?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
Not at this time.
Where does Amazon describe its policies and practices for issuing certificates?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
They are described in the Amazon Trust Services Certificate Policies and Amazon Trust Services Certification Practices Statement documents. Refer to the Amazon Trust Services repository for the latest versions.
How do I revoke a certificate?
Certificates
AWS Certificate Manager | Security, Identity & Compliance
You can request ACM to revoke a certificate by visiting the AWS Support Center and creating a case.
