Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

S3 TLS revocation using a private interface endpoint via direct connect

0

Hi there,

I am looking into for research purposes if it is possible to do TLS revocation using a public CRL when using AWS3 connected to a private interface endpoint which in turn is connected to using a direct connect? If it isn't is there a process of doing it privately? Thanks!

Themen
SpeicherVernetzung & Bereitstellung von Inhalten
Tags
Amazon Simple Storage ServiceAWS Direct ConnectAWS PrivateLink
Sprache
English
edx
gefragt vor 6 Monaten136 Aufrufe
1 Antwort
0

It is possible.

AWS Private CA allows you to configure and publish certificate revocation lists (CRLs) to an S3 bucket for revocation checking. This S3 bucket can be public or private. With a private interface endpoint for S3, you can access the S3 bucket containing the CRL privately over the Direct Connect connection without going over the public internet. The private interface endpoint would perform revocation checks against the CRL during TLS handshake just like a public endpoint. You have the option to publish the CRL to a private S3 bucket, in which case the revocation checking would be done privately without exposing the CRL publicly.

profile picture
EXPERTE
Giovanni Lauria
beantwortet vor 3 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt