zuntan02のはてなブログ

備忘録的なものです

【ACM】SSL証明書年次更新について

【概要】

ELBに設置していたワイルドカードSSL証明書ACM)について、年次更新の案内メールが来た。FQDNならメールもなく自動更新らしいがワイルドカード証明書だとメール確認が必要。
新規取得時と同様のメールアドレスに承認メールが届くため、承認URLから承認すると、証明書の期限が自動的に1年延長される
(マネージドコンソールでの作業は不要)


【案内メール】

タイトル:Certificate renewal for example.com requires approval
メール本文:

Greetings from Amazon Web Services,

An SSL/TLS certificate for example.com is nearing its expiration date and requires your approval to renew.

Verify that the following domain, AWS account ID, AWS Region, certificate identifier, and expiration date correspond to a certificate that you or someone in your organization is using.

Domain: *.example.com
AWS account ID: xxxx-xxxx-xxxx
AWS Region name: us-east-1
Certificate identifier: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Expiration date: Dec 07, 2017 at 12:00:00 UTC

To approve this request, go to Amazon Certificate Approvals
<承認URL>
and follow the instructions on the page. 

If you choose not to approve this request, you do not need to do anything; however, the certificate will expire, which might make your website unreachable. To prevent future approval requests for this certificate, delete the certificate. See the AWS Certificate Manager User Guide for details.

This email is intended solely for authorized individuals for example.com. To express any concerns about this email or if this email has reached you in error, forward it along with a brief explanation of your concern to validation-questions@amazon.com.

Sincerely,
Amazon Web Services

【更新完了案内メール】

タイトル:Your certificate is renewed
メール本文:

Greetings from Amazon Web Services,

This notification is to notify you that AWS Certificate Manager (ACM) has completed the renewal of an SSL/TLS certificate for the following domains: 
*.example.com

AWS account ID: Xxxxxxxxxx
AWS Region name: us-east-1
Certificate identifier: arn:aws:acm:us-east-1:xxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Your new certificate expires on Nov 25, 2018 at 12:00:00 UTC. 
If you have questions about this process, please use the Support Center at https://console.aws.amazon.com/support to contact AWS Support. If you don’t have an AWS support plan, post a new thread in the AWS Certificate Manager discussion forum at https://forums.aws.amazon.com/forum.jspa?forumID=206

This notification is intended solely for authorized individuals for *.legend-of-war.com. To express any concerns about this notification or if it has reached you in error, forward it along with a brief explanation of your concern to validation-questions@amazon.com.

Sincerely,
Amazon Web Services