The AWS Certificate Manager security scan on Vectrix detects a variety of SSL/TLS certificate issues in a connected AWS account that could be leaving you vulnerable or non-compliant. This includes expired and expiring certificates, certificates with misconfigurations, and other issues.
Scan on demand to detect active ACM security issues in your account.
Monitor continuously to get alerted about new ACM security issues in the future.
Don't know how AWS Certificate Manager works? Read more below.
What this scan detects
Expired and expiring certificates
Expired SSL certificates can break services and cause system outages and downtime, and expiring certificates will do the same if they are not renewed in time.
Failed certificate renewals
Get alerted when certificates managed in ACM fail to renew. Use Monitoring to receive this finding.
Certificates with wildcard domains
SSL certificates configured with wildcard domains can be problematic: should the certificate's private key become compromised, they introduce a greater risk of a bad actor leveraging a fraudulent subdomain for malicious purposes.
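The three checks listed above can be reproduced against your own account data. The following is an added example, not Vectrix's code: it classifies records shaped like the `Certificate` object returned by boto3's `acm.describe_certificate()`. The 30-day expiry window, the finding names and the sample records are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

EXPIRY_WARNING_DAYS = 30  # assumed threshold; the page does not state one

def acm_findings(cert, now, warn_days=EXPIRY_WARNING_DAYS):
    """Classify one record shaped like boto3 acm.describe_certificate()['Certificate']."""
    findings = []
    not_after = cert.get("NotAfter")  # absent until a certificate has been issued
    if cert.get("Status") == "EXPIRED" or (not_after and not_after <= now):
        findings.append("expired")
    elif not_after and not_after - now <= timedelta(days=warn_days):
        findings.append("expiring")
    # RenewalSummary appears only on certificates that ACM renews itself.
    if cert.get("RenewalSummary", {}).get("RenewalStatus") == "FAILED":
        findings.append("renewal_failed")
    # A wildcard can sit in the primary name or in any subject alternative name.
    names = [cert.get("DomainName", "")] + cert.get("SubjectAlternativeNames", [])
    if any(name.startswith("*.") for name in names):
        findings.append("wildcard_domain")
    return findings

def scan(certs, now):
    """Map certificate ARN -> findings, leaving out certificates with none."""
    results = {c["CertificateArn"]: acm_findings(c, now) for c in certs}
    return {arn: found for arn, found in results.items() if found}

# Constructed sample records (not real certificates), with a fixed clock.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
ARN = "arn:aws:acm:us-east-1:111122223333:certificate/sample-"
SAMPLE_CERTS = [
    {"CertificateArn": ARN + "1", "DomainName": "api.example.com", "Status": "ISSUED",
     "SubjectAlternativeNames": ["api.example.com"], "NotAfter": NOW + timedelta(days=200)},
    {"CertificateArn": ARN + "2", "DomainName": "*.example.com", "Status": "ISSUED",
     "SubjectAlternativeNames": ["*.example.com"], "NotAfter": NOW + timedelta(days=10),
     "RenewalSummary": {"RenewalStatus": "FAILED"}},
    {"CertificateArn": ARN + "3", "DomainName": "old.example.com", "Status": "EXPIRED",
     "SubjectAlternativeNames": ["old.example.com"], "NotAfter": NOW - timedelta(days=5)},
    {"CertificateArn": ARN + "4", "DomainName": "shop.example.com", "Status": "ISSUED",
     "SubjectAlternativeNames": ["shop.example.com", "*.shop.example.com"],
     "NotAfter": NOW + timedelta(days=90)},
]

if __name__ == "__main__":
    for arn, found in scan(SAMPLE_CERTS, NOW).items():
        print(arn, found)
```

To run it on live data, feed `scan()` the `Certificate` objects fetched for each ARN returned by `acm.list_certificates()` and pass `datetime.now(timezone.utc)` as the clock.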