AWS Security ChangesHomeSearch

AWS network-firewall documentation change

Service: network-firewall · 2026-03-16 · Documentation medium

File: network-firewall/latest/developerguide/tls-inspection-considerations.md

Summary

Added note about AWS Certificate Manager public certificates being supported for cross-signed scenarios

Security assessment

Clarifies certificate requirements for TLS inspection security feature without addressing vulnerabilities

Diff

diff --git a/network-firewall/latest/developerguide/tls-inspection-considerations.md b/network-firewall/latest/developerguide/tls-inspection-considerations.md
index 64226e576..b1f3a4b59 100644
--- a//network-firewall/latest/developerguide/tls-inspection-considerations.md
+++ b//network-firewall/latest/developerguide/tls-inspection-considerations.md
@@ -81 +81 @@ The following limitations apply to TLS inspection configurations:
-  * Cross-signed root certificates aren't supported. For more information, see [Using SSL/TLS certificates with TLS inspection configurations in AWS Network Firewall](./tls-inspection-certificate-requirements.html).
+  * Cross-signed root certificates aren't supported. AWS Certificate Manager public certificates are cross-signed but can be used for TLS inspection. For more information, see [Using SSL/TLS certificates with TLS inspection configurations in AWS Network Firewall](./tls-inspection-certificate-requirements.html).