Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-14502

Amazon Linux does not trust ISRG Root X1

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: Atlas
    • Labels:
    • Last comment by Customer:
      true
    • Story Points:
      3
    • Sprint:
      CET: OutKast (25 - 31 May 21), CET: Phish (1 - 7 June 2021)

      Description

      Description

      Amazon Linux AMI does not trust the new ISRG Root X1 root CA.

      Amazon Linux AMI is EOL which is probably why they are not getting the security updates needed to be compatible with ISRG Root X1. But there are many customers still using it, I've seen a few support cases opened in the last few days on this and there could be more.

      Some AWS lambda services are still hosted on Amazon Linux AMI, see https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html.

      Can we add a section in this doc similar to the "Hard-coded Certificate Authority" and the "Java user" section to warn people that if they are on Amazon Linux AMI they should migrate before September to Amazon Linux 2 which supports ISRG Root X1.

      Some context:
      https://community.letsencrypt.org/t/confirm-whether-amazon-linux-trust-isrg-root-x1/152464

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

        Attachments

          Activity

            People

            Assignee:
            zach.carr Zachary Carr
            Reporter:
            jennifer.huang Jennifer Huang
            Participants:
            Last commenter:
            Zachary Carr Zachary Carr
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Days since reply:
              16 weeks, 6 days ago
              Date of 1st Reply: