RSA certificates managed by AWS ACM should use a key length of at least 2,048 bits

이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This metric evaluates whether RSA certificates overseen by AWS Certificate Manager utilize a key length that is a minimum of 2,048 bits. The strength of encryption has a direct relationship with the size of the key.

Remediation

The lower limit for the key length of RSA certificates provided by ACM is set at 2,048 bits. Directions on issuing new RSA certificates with ACM can be found in the AWS Certificate Manager User Guide.

Although ACM permits the import of certificates with shorter key measures, it is essential to use keys with a minimum length of 2,048 bits to comply with this guideline. The key length cannot be modified post-import. If a certificate has a key length less than 2,048 bits, it must be eliminated. For additional details on importing certificates into ACM, please refer to the AWS Certificate Manager User Guide regarding requirements for importing certificates.