Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

VPN endpoint (VPC) replace certificate(s)

0

Hi All, doing some research on how to re-secure the VPN endpoints after a developer left and started threatening for some silly reason. So how can we re-secure the VPN endpoint again since we have an amazon self-made imported cert to Certificate Manager.

I know theoretically every user should have a unique client- cert, but because of time constrainsts, I don't have time to get it all perfect. Thanks for any suggestions!

Temas
Seguridad, identidad y cumplimientoRedes y entrega de contenido
Etiquetas
AWS Certificate ManagerPuerta de enlace privada virtual de VPC
Idioma
English
enierop
preguntada hace 2 años290 visualizaciones
1 Respuesta
0

Hello,

AWS Client VPN provides a number of security features to consider as you develop and implement your own security policies. Check this link out mentioning the security best practices. Link- https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/security-best-practices.html

For your use-case, the following suggestion in the link is beneficial:

Use client certificate revocation lists to revoke access to a Client VPN endpoint for specific client certificates. For example, when a user leaves your organization. CRL:https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-certificates.html

profile pictureAWS
INGENIERO DE SOPORTE
Chirag_R
respondido hace 2 años
  • enierop
    hace 2 años

    Thanks, but for now, I don't want revocation lists. And to do the WHOLE stuff. I simply have no time for that. Just want to know how to fix the current certificate.

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante