EC2 Instance Identity Document Signing Certificate Expiry

1

The default signing certificate for verification of the EC2 instance identity document expires next year (see, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/verify-signature.html ).

    Version: 3 (0x2)
    Serial Number:
        a9:cb:e1:41:03:30:df:c5
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: C = US, ST = Washington, L = Seattle, O = Amazon.com Inc., CN = ec2.amazonaws.com
    Validity
        Not Before: Jun  5 14:28:02 2014 GMT
        Not After : Jun  5 14:28:02 2024 GMT
    Subject: C = US, ST = Washington, L = Seattle, O = Amazon.com Inc., CN = ec2.amazonaws.com

What will happen when the certificate expires? Will AWS keep using it or replace it? Would a new certificate be provided in advance?

Silas P
asked 8 months ago213 views
1 Answer
1

Hi there! Thanks for your question!

The certificate will be renewed with one with a later expiration date before the current one expires.

AWS
EXPERT
answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions