Elastic beanstalk does not support new CA


Our existing CA is going to expire in May 2024. Therefore we must update the our RDS to use a CA that will expire later than that. We have decided to use "rds-ca-rsa2048-g1". After updating our RDS CA we are unable to connect to the server we get ssl error We are using elastic beanstalk therefore shouldn't AWS be responsible for updating our SSL certificate?

1 réponse

Under the Shared Responsibility Model for Elastic Beanstalk, your key responsibilities include:

  • Regularly update all components under your control, as defined in the AWS Shared Responsibility Model. This includes ensuring the security of your application, protecting your data, and updating any additional components your application requires that you have installed.
  • Ensure that your Elastic Beanstalk environments are always running on supported platform versions. If any environment is found to be on an unsupported or deprecated version, it is important to migrate it to a current, supported version promptly.
  • Address and rectify any issues encountered with failed managed update attempts, and make another attempt at the update as necessary.
  • If you have opted out of Elastic Beanstalk managed updates, you should manually patch the operating system, runtime, application server, and web server. This can be done by applying platform updates manually as described in the manual platform updates guide or by directly patching the components on all applicable environment resources.
  • Manage the security and compliance of any AWS services you utilize outside of Elastic Beanstalk in accordance with the AWS Shared Responsibility Model.

You can learn more about Shared responsibility model for Elastic Beanstalk platform maintenance

profile picture
répondu il y a 3 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions