AWS Security ChangesHomeSearch

AWS apigateway documentation change

Service: apigateway · 2025-04-11 · Documentation low

File: apigateway/latest/developerguide/how-to-specify-certificate-for-custom-domain-name.md

Summary

Removed requirement for publicly trusted CA for Regional certificates

Security assessment

Updates certificate requirements documentation but shows no evidence of addressing a security vulnerability

Diff

diff --git a/apigateway/latest/developerguide/how-to-specify-certificate-for-custom-domain-name.md b/apigateway/latest/developerguide/how-to-specify-certificate-for-custom-domain-name.md
index bdd8c41f0..fffd3a61f 100644
--- a//apigateway/latest/developerguide/how-to-specify-certificate-for-custom-domain-name.md
+++ b//apigateway/latest/developerguide/how-to-specify-certificate-for-custom-domain-name.md
@@ -17 +17 @@ The following are considerations for your SSL/TLS certificate.
-  * To use an ACM certificate with a Regional custom domain name, you must request or import the certificate in the same Region as your API. The certificate must be signed by a publicly trusted Certificate Authority and cover the custom domain name.
+  * To use an ACM certificate with a Regional custom domain name, you must request or import the certificate in the same Region as your API. The certificate must cover the custom domain name.