RSA certificates managed by AWS ACM should use a key length of at least 2,048 bits


Description

This check evaluates whether RSA certificates managed by AWS Certificate Manager (ACM) use a key length of at least 2,048 bits. Encryption strength is directly related to key size.

Remediation

The minimum key length for RSA certificates issued by ACM is 2,048 bits. For instructions on issuing new RSA certificates with ACM, see the AWS Certificate Manager User Guide.

Although ACM permits importing certificates with shorter key lengths, keys must be at least 2,048 bits to comply with this guideline. The key length cannot be changed after import. A certificate with a key length of less than 2,048 bits must be deleted. For more information on importing certificates into ACM, see the requirements for importing certificates in the AWS Certificate Manager User Guide.
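One way to find the certificates this check would flag, shown as an added example rather than the rule's own implementation. It assumes the field names of the ACM `ListCertificates` response (`CertificateArn`, `KeyAlgorithm`, `Type`, `InUse`); the sample records and ARNs are constructed, and `list_acm_certificates` needs boto3 and AWS credentials.

```python
import re

MIN_RSA_BITS = 2048
# KeyAlgorithm strings such as "RSA_1024" or "RSA-2048": accept either separator.
_RSA_RE = re.compile(r"^RSA[_-](\d+)$")

def rsa_bits(key_algorithm):
    """Return the RSA key size in bits, or None for non-RSA algorithms."""
    m = _RSA_RE.match(key_algorithm or "")
    return int(m.group(1)) if m else None

def find_weak_rsa(certs, min_bits=MIN_RSA_BITS):
    """Return one finding per certificate whose RSA key is shorter than min_bits."""
    findings = []
    for c in certs:
        bits = rsa_bits(c.get("KeyAlgorithm"))
        if bits is not None and bits < min_bits:
            findings.append({"arn": c["CertificateArn"], "bits": bits,
                             "type": c.get("Type"), "in_use": c.get("InUse")})
    return findings

def list_acm_certificates(region):
    """Fetch certificate summaries for one region (requires boto3 and credentials)."""
    import boto3  # imported lazily so the offline sample below runs without it
    acm = boto3.client("acm", region_name=region)
    # Request every RSA key type explicitly instead of relying on the default filter.
    pages = acm.get_paginator("list_certificates").paginate(
        Includes={"keyTypes": ["RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096"]})
    return [s for page in pages for s in page["CertificateSummaryList"]]

# Constructed sample records (not real certificates).
_ARN = "arn:aws:acm:us-east-1:111122223333:certificate/"
SAMPLE = [
    {"CertificateArn": _ARN + "example-imported-1024", "KeyAlgorithm": "RSA-1024",
     "Type": "IMPORTED", "InUse": True},
    {"CertificateArn": _ARN + "example-issued-2048", "KeyAlgorithm": "RSA_2048",
     "Type": "AMAZON_ISSUED", "InUse": True},
    {"CertificateArn": _ARN + "example-ec", "KeyAlgorithm": "EC_prime256v1",
     "Type": "AMAZON_ISSUED", "InUse": False},
]

if __name__ == "__main__":
    for finding in find_weak_rsa(SAMPLE):
        print(finding)
```

ACM is a regional service, so run the listing in every region where certificates may exist. A finding with `in_use` set to true needs a replacement certificate attached to the dependent resource before the weak one is deleted.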