LOW
Source: CloudSploit
ID: certificate-expiry

Certificate Expiry

Detect upcoming expiration of certificates used with ELBs.

Expired certificates trigger warnings in all major browsers.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the AWS Management Console.

  2. Select the “Services” option and search for EC2.

  3. In the left navigation panel, scroll down to “Load balancing” and click on “Load balancers”.

  4. Click on the search box at the top and select “Type” as the filter attribute and “application” as the type value.

  5. This search will filter and return load balancers with application type only.

  6. Select the load balancer and click on the “Listeners” tab in the bottom panel.

  7. Scroll down to the “HTTPS : 443” listener ID and click on “View/edit certificates”.

  8. Check the date under the “Expires” column for the certificates listed. If the date has already passed or is near, renew the certificate by clicking on the “ACM” link under the “Service” column.

  9. Repeat steps 5 to 8 for all other application load balancers.
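
The console check in steps 4 to 9 can be scripted across every application load balancer in a region. The following is an added example, not CloudSploit's own code: the function names `classify`, `audit` and `collect`, the 30-day `WARN_DAYS` threshold and the sample identifiers are assumptions made for illustration, and `collect` requires boto3 with read-only `elbv2` and `acm` permissions.

```python
from datetime import datetime, timedelta, timezone

WARN_DAYS = 30  # assumed meaning of "near"; the page gives no number

def classify(not_after, now, warn_days=WARN_DAYS):
    """Map a certificate's NotAfter timestamp to EXPIRED, EXPIRING or OK."""
    if not_after <= now:
        return "EXPIRED"
    if not_after - now <= timedelta(days=warn_days):
        return "EXPIRING"
    return "OK"

def audit(listener_certs, not_after_by_arn, now, warn_days=WARN_DAYS):
    """Return (listener, cert, status, days_left) for every cert needing action."""
    findings = []
    for listener_arn in sorted(listener_certs):
        for cert_arn in listener_certs[listener_arn]:
            not_after = not_after_by_arn.get(cert_arn)
            if not_after is None:  # no ACM expiry known (e.g. IAM-hosted): check by hand
                findings.append((listener_arn, cert_arn, "UNKNOWN", None))
                continue
            status = classify(not_after, now, warn_days)
            if status != "OK":
                findings.append((listener_arn, cert_arn, status, (not_after - now).days))
    return findings

def collect(region):
    """Live lookup: HTTPS listeners on application load balancers and ACM expiry dates."""
    import boto3  # imported here so the offline sample below runs without it
    elb = boto3.client("elbv2", region_name=region)
    acm = boto3.client("acm", region_name=region)
    listener_certs, not_after_by_arn = {}, {}
    for page in elb.get_paginator("describe_load_balancers").paginate():
        for lb in (x for x in page["LoadBalancers"] if x["Type"] == "application"):
            pages = elb.get_paginator("describe_listeners").paginate(LoadBalancerArn=lb["LoadBalancerArn"])
            for lst in (x for p in pages for x in p["Listeners"] if x["Protocol"] == "HTTPS"):
                # First page only; follow NextMarker for listeners with many certificates.
                certs = elb.describe_listener_certificates(ListenerArn=lst["ListenerArn"])["Certificates"]
                listener_certs[lst["ListenerArn"]] = sorted({c["CertificateArn"] for c in certs})
    for arn in {a for arns in listener_certs.values() for a in arns if a.startswith("arn:aws:acm:")}:
        not_after_by_arn[arn] = acm.describe_certificate(CertificateArn=arn)["Certificate"].get("NotAfter")
    return listener_certs, not_after_by_arn

# Constructed sample data (shortened placeholder identifiers, not real ARNs).
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
LISTENERS = {"listener/app/demo/1": ["cert/expired", "cert/soon"], "listener/app/demo/2": ["cert/ok", "cert/iam"]}
NOT_AFTER = {"cert/expired": NOW - timedelta(days=12), "cert/soon": NOW + timedelta(days=14), "cert/ok": NOW + timedelta(days=200)}

if __name__ == "__main__":
    for finding in audit(LISTENERS, NOT_AFTER, NOW):
        print(finding)
```

For a live run, pass the two dictionaries returned by `collect("<region>")` to `audit` together with `datetime.now(timezone.utc)`.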