1 Answer
It is possible.
AWS Private CA allows you to configure and publish certificate revocation lists (CRLs) to an S3 bucket for revocation checking. This S3 bucket can be public or private. With a private interface endpoint for S3, you can access the S3 bucket containing the CRL privately over the Direct Connect connection without going over the public internet. The private interface endpoint would perform revocation checks against the CRL during TLS handshake just like a public endpoint. You have the option to publish the CRL to a private S3 bucket, in which case the revocation checking would be done privately without exposing the CRL publicly.
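A bucket policy for the private-bucket setup described in the answer, as an added example that is not part of the original answer or AWS's own configuration. It lets the CA publish the CRL and lets clients read it only through one S3 VPC endpoint. The bucket name, account ID, Region, CA ID and endpoint ID are placeholders, and the `crl/` prefix is assumed to be where the CA writes its CRL objects.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExamplePrivateCaPublishesCrl",
      "Effect": "Allow",
      "Principal": { "Service": "acm-pca.amazonaws.com" },
      "Action": [
        "s3:PutObject",
        "s3:PutObjectAcl",
        "s3:GetBucketAcl",
        "s3:GetBucketLocation"
      ],
      "Resource": [
        "arn:aws:s3:::EXAMPLE-CRL-BUCKET",
        "arn:aws:s3:::EXAMPLE-CRL-BUCKET/*"
      ],
      "Condition": {
        "StringEquals": {
          "aws:SourceAccount": "111122223333",
          "aws:SourceArn": "arn:aws:acm-pca:EXAMPLE-REGION:111122223333:certificate-authority/EXAMPLE-CA-ID"
        }
      }
    },
    {
      "Sid": "ExampleClientsReadCrlViaVpcEndpointOnly",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::EXAMPLE-CRL-BUCKET/crl/*",
      "Condition": {
        "StringEquals": { "aws:SourceVpce": "vpce-EXAMPLE" }
      }
    }
  ]
}
```

Relying parties fetch the CRL from the distribution point URL embedded in each certificate, so that URL has to resolve to the endpoint from every network where certificates are validated.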