Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

VPN endpoint (VPC) replace certificate(s)

0

Hi All, doing some research on how to re-secure the VPN endpoints after a developer left and started threatening for some silly reason. So how can we re-secure the VPN endpoint again since we have an amazon self-made imported cert to Certificate Manager.

I know theoretically every user should have a unique client- cert, but because of time constrainsts, I don't have time to get it all perfect. Thanks for any suggestions!

Argomenti
Sicurezza, identità e conformitàNetworking e distribuzione di contenuti
Tag
Gestore certificati AWSGateway privato virtuale VPC
Lingua
English
enierop
posta 2 anni fa290 visualizzazioni
1 Risposta
0

Hello,

AWS Client VPN provides a number of security features to consider as you develop and implement your own security policies. Check this link out mentioning the security best practices. Link- https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/security-best-practices.html

For your use-case, the following suggestion in the link is beneficial:

Use client certificate revocation lists to revoke access to a Client VPN endpoint for specific client certificates. For example, when a user leaves your organization. CRL:https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/cvpn-working-certificates.html

profile pictureAWS
TECNICO DI SUPPORTO
Chirag_R
con risposta 2 anni fa
  • enierop
    2 anni fa

    Thanks, but for now, I don't want revocation lists. And to do the WHOLE stuff. I simply have no time for that. Just want to know how to fix the current certificate.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente