CloudSploit

AWS / IAM / Certificate Expiry

Quick Info

| Field | Value |
|-|-|
| Plugin Title | Certificate Expiry |
| Cloud | AWS |
| Category | IAM |
| Description | Detect upcoming expiration of certificates used with ELBs |
| More Info | Certificates that have expired will trigger warnings in all major browsers |
| AWS Link | http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-update-ssl-cert.html |
| Recommended Action | Update your certificates before the expiration date |

Detailed Remediation Steps

  1. Log in to the AWS Management Console.
  2. Select the "Services" option and search for EC2.
  3. In the left navigation panel, scroll down to "Load balancing" and click on "Load balancers".
  4. Click on the search box at the top and select "Type" as the filter attribute and "application" as the type value.
  5. This search will filter and return load balancers with application type only.
  6. Select the load balancer and click on the "Listeners" tab in the bottom panel.
  7. Scroll down to the "HTTPS : 443" listener ID and click on "View/edit certificates".
  8. Check the date under the "Expires" column for the certificates listed. If the date has already passed or is near, renew the certificate by clicking on the "ACM" link under the "Service" column.
  9. Repeat steps 5 to 8 for all other application load balancers.
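
The same check can be scripted so that it covers every application load balancer in one pass. The following is an added example, not CloudSploit's plugin code: the 30-day window, the record field names and the sample ARNs are assumptions, and `collect_from_aws` needs boto3 with read-only credentials.

```python
from datetime import datetime, timezone

WARN_DAYS = 30  # assumption: the page only says "near", so pick your own window

def classify(not_after, now, warn_days=WARN_DAYS):
    """Return (status, whole days left) for one certificate expiry time."""
    days_left = (not_after - now).days
    if not_after <= now:
        return "EXPIRED", days_left
    return ("RENEW_SOON" if days_left < warn_days else "OK"), days_left

def audit(records, now, warn_days=WARN_DAYS):
    """Return the records that need action, soonest expiry first."""
    findings = []
    for rec in records:
        status, days_left = classify(rec["not_after"], now, warn_days)
        if status != "OK":
            findings.append({**rec, "status": status, "days_left": days_left})
    return sorted(findings, key=lambda f: f["not_after"])

def collect_from_aws():
    """Gather listener certificates as in the console steps (not called offline)."""
    import boto3  # imported here so the offline sample below runs without it
    elbv2, acm = boto3.client("elbv2"), boto3.client("acm")
    records = []
    for page in elbv2.get_paginator("describe_load_balancers").paginate():
        for lb in (l for l in page["LoadBalancers"] if l["Type"] == "application"):
            listeners = elbv2.describe_listeners(LoadBalancerArn=lb["LoadBalancerArn"])
            for lst in (l for l in listeners["Listeners"] if l["Protocol"] == "HTTPS"):
                certs = elbv2.describe_listener_certificates(ListenerArn=lst["ListenerArn"])
                for arn in (c["CertificateArn"] for c in certs["Certificates"]):
                    if ":acm:" not in arn:
                        continue  # IAM-hosted certificates are not looked up here
                    cert = acm.describe_certificate(CertificateArn=arn)["Certificate"]
                    if cert.get("NotAfter"):  # absent until the certificate is issued
                        records.append({"lb": lb["LoadBalancerName"], "port": lst["Port"],
                                        "arn": arn, "not_after": cert["NotAfter"]})
    return records

# Constructed sample records (placeholder names and ARNs) so the check runs offline.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
_ARN = "arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-"
SAMPLE = [
    {"lb": "web-alb", "port": 443, "arn": _ARN + "1", "not_after": datetime(2024, 6, 1, tzinfo=timezone.utc)},
    {"lb": "api-alb", "port": 443, "arn": _ARN + "2", "not_after": datetime(2024, 1, 15, tzinfo=timezone.utc)},
    {"lb": "old-alb", "port": 8443, "arn": _ARN + "3", "not_after": datetime(2023, 12, 20, tzinfo=timezone.utc)},
]

if __name__ == "__main__":
    for f in audit(SAMPLE, NOW):
        print(f'{f["status"]:<10} {f["days_left"]:>4}d  {f["lb"]}:{f["port"]}  {f["arn"]}')
```

Against a live account, pass `collect_from_aws()` and `datetime.now(timezone.utc)` to `audit`. The collector reads only the first page of listeners and certificates per load balancer.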