AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-05-16 · Documentation medium

File: cli/latest/reference/cloudfront/update-trust-store.md

Summary

Added --use-client-certificate-ocsp-endpoint option for certificate revocation management

Security assessment

Extends security documentation with OCSP revocation configuration capability, but no vulnerability fix is indicated.

Diff

diff --git a/cli/latest/reference/cloudfront/update-trust-store.md b/cli/latest/reference/cloudfront/update-trust-store.md
index 19d58b6d3..579525efa 100644
--- a//cli/latest/reference/cloudfront/update-trust-store.md
+++ b//cli/latest/reference/cloudfront/update-trust-store.md
@@ -15 +15 @@
-  * [AWS CLI 2.34.45 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.48 Command Reference](../../index.html) »
@@ -68 +68,2 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/cloudf
-    --ca-certificates-bundle-source <value>
+    [--ca-certificates-bundle-source <value>]
+    [--use-client-certificate-ocsp-endpoint | --no-use-client-certificate-ocsp-endpoint]
@@ -106 +107 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/cloudf
-`--ca-certificates-bundle-source` (tagged union structure) [required]
+`--ca-certificates-bundle-source` (tagged union structure)
@@ -160,0 +162,4 @@ JSON Syntax:
+`--use-client-certificate-ocsp-endpoint` | `--no-use-client-certificate-ocsp-endpoint` (boolean)
+
+> A Boolean that determines whether to use the CA certificate’s OCSP endpoint to check certificate revocation status.
+
@@ -316,0 +322,4 @@ TrustStore -> (structure)
+> 
+> UseClientCertificateOCSPEndpoint -> (boolean)
+>
+>> A Boolean that determines whether the trust store uses the CA certificate’s OCSP endpoint to check certificate revocation status.
@@ -332 +341 @@ ETag -> (string)
-  * [AWS CLI 2.34.45 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.48 Command Reference](../../index.html) »