Pin an Application to a Certificate Issued by ACM
AWS does not recommend pinning your application to an SSL/TLS certificate. For more information about certificate pinning, see Certificate Pinning. If you pin a certificate, you provide a browser with an ID, or "pin," for the public key that is used for the website. If a user visits the website, the pin is cached by the browser, and that pin is then used to verify the public key during future visits. The pin information is usually included in the header in the HTTP response, and the pin information includes the time to live (TTL) for the pin. If the certificate changes, for example, when the certificate is renewed, that change might cause visitors to the website to receive an error, because a secure connection to the website can't be established.
If you must pin a certificate, we recommend that you pin to a certificate authority (CA) rather than to an individual certificate. If you pin a certificate to an Amazon Trust Services CA, be sure to pin to all CAs on the Amazon Trust Services table. If you pin a certificate, use one of the following options to be sure that the application can connect to the domain:
Pin your application to an Amazon root certificate
If you pin your application at the root certificate level, the Managed Renewal for ACM's Amazon-Issued Certificates renews the certificate under the same CA that issued the certificate, and the certificate Amazon Resource Name (ARN) remains the same. You can also pin your application to multiple CAs as backup pins, so if the certificate expires, you can request a new certificate and apply the certificate to your load balancer to reduce application downtime. For information about root certificates, certificate revocation list (CRL), Online Certificate Status Protocol (OCSP) responses, and other updates, see
Import your own certificate into ACM and pin your application to the imported certificate
Imported certificates are not renewed by the ACM-managed renewal process. You must manage the renewal of the certificate and keys. For more information, see Importing Certificates into AWS Certificate Manager.
相關推薦
Pin an Application to a Certificate Issued by ACM
AWS does not recommend pinning your application to an SSL/TLS certificate. For more information about certificate pinning, see Certificate Pinn
Use Auto Scaling to Improve the Fault Tolerance of an Application Behind a Load Balancer
Amazon Web Services is Hiring. Amazon Web Services (AWS) is a dynamic, growing business unit within Amazon.com. We are currently hiring So
Mapping an NCLOB to a String property in NHibernate
So I ran into an issue this evening where I needed to map a string property to a NCLOB column but I kept getting:"ORA-01461: can bind a LONG value on
Error connecting to orderer.example.com:7050 due to x509: certificate signed by unknown authority
前言 解決步驟 引用 前言 問題發生在測試fabric的過程中,【https://www.cnblogs.com/studyzy/p/6973334.html】根據這篇博文進行學習測試的過程中出現的 主要是這一步:接下來是Instantiate,也
Link an org to a network with IBM Blockchain Platform
The IBM Blockchain Platform is the only fully integrated enterprise-ready platform designed to accelerate the development, governance, and operation of a
Use Email to Validate Certificate Domains During ACM Renewal
ACM provides managed renewal for Amazon-issued SSL/TLS certificates. If the certificate was issued by ACM and it is associated to one of the Se
Nginx an upstream response is buffered to a temporary file
意義 http word pre 依次 rar usr 同時 -a 1.錯誤日誌:warn:an upstream response is buffered to a temporary file 解決辦法:增加fastcgi_buffers 8 4K;
ssemble JavaBeans components into an application without having to write any code
show str rop using .cn build desc cat easy https://docs.oracle.com/javase/tutorial/javabeans/ https://docs.oracle.com/javase/tutorial
NetScaler SNIPs Bound To An Interface Without A VLAN
nic objective summary uptime env imp oci map you NetScaler SNIPs Bound To An Interface Without A VLAN https://www.citrix.com/blogs/2014/0
Fiddler監聽Java應用程式http請求方法(Configure a Java Application to Use Fiddler)
Fiddler官網:http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/ConfigureJavaApp Configure a Java Application to Use Fiddler 要配置Java應用程式以向Fiddle
android:Unable to add window -- token null is not for an application的解決方案
Error程式碼: new AlertDialog.Builder(getActivity().getApplicationContext()) .setTitle("No phone access permission") ****** .show(); Err
深度學習論文翻譯解析(二):An End-to-End Trainable Neural Network for Image-based Sequence Recognition and Its Application to Scene Text Recognition
論文標題:An End-to-End Trainable Neural Network for Image-based Sequence Recognition and Its Application to Scene Text Recognition 論文作者: Baoguang Shi, Xiang B
"The conversion of a datetime2 data type to a datetime data type resulted in an out-of-range value
這句話的意思是將datetime2資料型別轉換為datetime資料型別會導致超出範圍的值。宣告已經終止。 在使用EF插入資料是發生列轉換的錯誤,搞了好久,不知道問題出在哪裡! 根據提示的錯誤資訊來看是Datetime資料型別出現錯誤 後來發現 public Nullable<S
Go: several methods to Delete an element from a slice(fast & slow)
Go: Delete an element from a slice Here’s how to remove the element at index i from a slice. Fast version (changes order of elements):
影象拼接--A multiresolution spline with application to image mosaics
A multiresolution spline with application to image mosaics 《Acm Trans on Graphics》 , 1983 , 2 (4) :217-236 本文主要介紹使用 Multiresolution
Cannot refer to a non-final variable xx inside an inner class defined in a different method的原因
今天遇到一個小問題,下面是網上摘抄的解釋: 為了說明這個問題,先得明白說明是區域性內部類,區域性內部類就是在外部類的方法中定義的類。那麼標題中的錯誤指的是,內部類不能引用該方法中非 final 修飾的變數。 那麼為什麼呢? 因為生命週期的原因。方法中的區域性變數,方法結
Using SQL Patch to add hints to a packaged application
From Oracle Database 12c Release 2 onwards there's a public API call to create SQL patches using DBMS_SQLDIAG.CREATE_SQL_PATCH. If you're
how to publish an application using google app engine
Today, I did both a video recap and got my simple blog published. I am going to create a new video demonstrating how to publish your own blog after you
How to Check if an Array Contains a Value in Java Efficiently?
evel equal following ren ood fir -s nano -a How to check if an array (unsorted) contains a certain value? This is a very useful and freq
Ask HN: How do I go about selling an unsolicited service to a business?
I am a solo developer with limited professional resume/experience. I have developed a service specifically for a business for which I am a regular customer