Migrating to Amazon Trust Services from DigiCert SSL Certificate

Get ready to migrate Amazon Simple Storage Service (S3) and Amazon CloudFront services’ certificates from DigiCert to Amazon Trust Services starting March 23, 2021.​

If you are using Amazon Access S3 or Amazon CloudFront as endpoints for any of your custom applications, ensure that you have verified the Amazon Trust Services to have an uninterrupted workflow. Verification is essential to build a secure connection between the server and the web browsers.

Why you need a trusted connection for our web browsers.

TLS(Transport Layer Security), formerly known as SSL(Secure Sockets Layer), is a must for exchanging encrypted information over the internet. An electronic document called the Certificate is essential to build a secure connection between the server and our system browser. Certificate Authorities, also referred to as CAs, issue domain certificates so your browser or application knows that the website you are communicating with is safe.

Amazon Trust Services repository consists of an AWS(Amazon Web Services) Certificate Manager that lets you deploy SSL/TLS certificates quickly. Browsers and applications display a specific error message if Amazon Trust Services certificates do not verify the website.

So, here is what is changing with the Amazon Trust Services migration.

Amazon is migrating its Amazon S3 and Amazon CloudFront’s DigiCert Certificate Authority to Amazon Trust Services. Note that this change does not affect browsers and applications that use a custom SSL/TLS certificate or HTTP protocol.

When is the migration happening?

The Certificate Authority changes will start happening from March 1, 2021.

The Certificate Authority changes will start happening from March 1, 2021.

All client applications currently communicating with Amazon S3 and Amazon Cloud front will receive a default certificate issued by Amazon Trust Services. If your custom application has not trusted the Amazon Trust Services’ Certificate Authority, it may end the connection and report the SSL certificate as ‘Untrusted.’

What should you do to stay updated with the migration?

Organizations are required to evaluate whether their applications trust Amazon Trust Service’s Root Certificates. Alternatively, they can change their application domain name to a CloudFront Alternative Domain Name(CNAME) which uses an SSL/TLS certificate from an already trusted Certificate Authority.

Migrating to Amazon Trust Services

Why choose Infomaze for your Amazon Trust Services certificate migration?

Developers at Infomaze give utmost importance to secure application development and follow all the industry-standard protocols. We understand how important it is to keep track of any such security updates to ensure your applications’ smooth functioning. Our attention to detail has proved a hassle-free uninterrupted business workflow across companies we have worked with so far.

Not sure if your application is running on Amazon Trust Services? Worry not; we will check if your application runs on the Amazon Trust Services certificate and help migrate with no stress and minimum disruptions. We plan application migration services strategically as per individual business requirements. Our custom solutions are logical, reliable, and meet your operational goals.

Most AWS CLIs and AWS SDK’s aren’t impacted by the migration, but if you are using specific applications that use an outdated CLI and SDK, you must upgrade your certificates.

Not sure how to take up this certificate migration?

Reach out to us for a detailed analysis of your business workflow, and we are sure to get your applications migrated to a secure platform.