Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-14502

Amazon Linux does not trust ISRG Root X1

    XMLWordPrintable

Details

    • Task
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • None
    • Atlas
    • 3
    • CET: OutKast (25 - 31 May 21), CET: Phish (1 - 7 June 2021)
    • true

    Description

      Description

      Amazon Linux AMI does not trust the new ISRG Root X1 root CA.

      Amazon Linux AMI is EOL which is probably why they are not getting the security updates needed to be compatible with ISRG Root X1. But there are many customers still using it, I've seen a few support cases opened in the last few days on this and there could be more.

      Some AWS lambda services are still hosted on Amazon Linux AMI, see https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html.

      Can we add a section in this doc similar to the "Hard-coded Certificate Authority" and the "Java user" section to warn people that if they are on Amazon Linux AMI they should migrate before September to Amazon Linux 2 which supports ISRG Root X1.

      Some context:
      https://community.letsencrypt.org/t/confirm-whether-amazon-linux-trust-isrg-root-x1/152464

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

      Attachments

        Activity

          People

            zach.carr@mongodb.com Zachary Carr
            jennifer.huang@mongodb.com Jennifer Huang (Inactive)
            Zachary Carr Zachary Carr
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              1 year, 27 weeks ago