AWS acm documentation change
Summary
Added ACME and Wildcard Certificate definitions, updated terminology
Security assessment
The change adds documentation for security concepts (ACME protocol and wildcard certificates) and updates section headers, enhancing security understanding but not addressing specific vulnerabilities.
Diff
diff --git a/acm/latest/userguide/acm-concepts.md b/acm/latest/userguide/acm-concepts.md index b7b64becd..1263b834a 100644 --- a//acm/latest/userguide/acm-concepts.md +++ b//acm/latest/userguide/acm-concepts.md @@ -7 +7 @@ -ACM CertificateACM Root CAsApex DomainAsymmetric Key CryptographyCertificate AuthorityCertificate Transparency LoggingDomain Name SystemDomain NamesEncryption and DecryptionFully Qualified Domain Name (FQDN)Hypertext Transfer Protocol (HTTP)Public Key Infrastructure (PKI)Root CertificateSecure Sockets Layer (SSL)Secure HTTPSSSL Server CertificatesSymmetric Key CryptographyTransport Layer Security (TLS)Trust +Automated Certificate Management Environment (ACME)ACM CertificateACM Root CAsApex DomainAsymmetric Key CryptographyCertificate AuthorityCertificate Transparency LoggingDomain Name SystemDomain NamesEncryption and DecryptionFully Qualified Domain Name (FQDN)Hypertext Transfer Protocol (HTTP)Public Key Infrastructure (PKI)Root CertificateSecure Sockets Layer (SSL)Secure HTTPSSSL Server CertificatesSymmetric Key CryptographyTransport Layer Security (TLS)TrustWildcard Certificate @@ -14,0 +15,2 @@ This section provides definitions of concepts used by AWS Certificate Manager. + * Automated Certificate Management Environment (ACME) + @@ -52,0 +55,4 @@ This section provides definitions of concepts used by AWS Certificate Manager. + * Wildcard Certificate + + + @@ -53,0 +60 @@ This section provides definitions of concepts used by AWS Certificate Manager. +## Automated Certificate Management Environment (ACME) @@ -54,0 +62,3 @@ This section provides definitions of concepts used by AWS Certificate Manager. +The Automated Certificate Management Environment (ACME) is a protocol defined in RFC 8555 for automating certificate issuance and lifecycle management through machine-to-machine communication between certificate requesters (called ACME clients) and Certificate Authorities. ACME eliminates manual steps in certificate provisioning by enabling clients such as Certbot and cert-manager to request, validate, and install certificates without human intervention. + +ACM provides a managed ACME server implementation for automating public certificate issuance on customer-managed infrastructure. For more information, see [ACME certificate automation](./acm-acme.html). @@ -295,0 +306,4 @@ In order for a web browser to trust the identity of a website, the browser must +## Wildcard Certificate + +A wildcard certificate secures multiple subdomains at the same level by using an asterisk (`*`) in the leftmost position of the domain name. For example, a certificate for `*.example.com` protects `login.example.com` and `test.example.com`. A wildcard protects only one subdomain level: it does not protect the apex domain `example.com`, or multi-level subdomains such as `test.login.example.com`. + @@ -304 +318 @@ What is AWS Certificate Manager? -What is the right AWS certificate service for my needs? +Choosing how to issue certificates with AWS