[FOLIO-3252] Fix AWS ACM cert issue Created: 27/Jul/21 Updated: 03/Aug/21 |
|
| Status: | Open |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Task | Priority: | P2 |
| Reporter: | Peter Murray | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Sprint: | |
| Development Team: | FOLIO DevOps |
| Description |
|
arn:aws:acm:us-east-1:732722833398:certificate/ff25745c-aab1-4752-b630-520a1a241d5c is *.aws.indexdata.com From: Amazon Web Services, Inc. <no-reply-aws@amazon.com> Hello, We have identified your account as an account that uses email validated certificates issued through AWS Certificate Manager (ACM). Due to a policy change by Mozilla[1], the organization behind the Firefox browser, ACM can no longer automatically renew email validated certificates on your behalf. Beginning August 2021, email validated certificates will need to be renewed every year by clicking on a validation link that will be mailed when the certificate is 45 days from expiry. You can read more about Email validated certificates including details on validation email here[2]. Additionally, you can also use CloudWatch metrics and events [3] to monitor and track ACM managed certificates that are approaching expiration. For your reference, following is the list of your existing email-validated certificates: We recommend you migrate to DNS validation[4] if you are able. DNS validated certificates renew automatically as long as the CNAME record is properly configured. There is no way to convert an existing certificate from email validation to DNS validation, but you can request a new certificate at no cost. Please reach out to AWS support if you have any questions[5]. [1] https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/#2-certificate-authorities Sincerely, Amazon Web Services, Inc. is a subsidiary of Amazon.com, Inc. Amazon.com is a registered trademark of Amazon.com, Inc. This message was produced and distributed by Amazon Web Services Inc., 410 Terry Ave. North, Seattle, WA 98109-5210 |