1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hi.
- For a different expiry, you can't use AWS IoT to generate your certificates. You'll need your own CA. You can use ACM Private CA or your own PKI.
- One way to automate expiry check is with AWS IoT Device Defender: https://docs.aws.amazon.com/iot/latest/developerguide/audit-chk-device-cert-approaching-expiration.html
- Certificate rotation using AWS IoT Device Defender and AWS IoT Jobs: https://aws.amazon.com/blogs/iot/how-to-manage-iot-device-certificate-rotation-using-aws-iot/
Hi Greg, Thanks for info. This is helpful in clearing doubts. The currently used AWS certificate created in 2022 (this year) is showing expiry of 2050. Is default expiry year: 28 years + created year? Please guide.
No. Expiry is always Dec 31 2049. It doesn't matter when the certificate is created: https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html