.svg)
AWS Private CA OCSP now available in China and AWS GovCloud (US) Regions
AWS Private Certificate Authority Updates
AWS Private CA now supports Online Certificate Status Protocol (OCSP) in China and AWS GovCloud (US) Regions. OCSP enables real-time certificate validation, allowing applications to check the revocation status of individual certificates on-demand.
With OCSP support, customers can implement more efficient certificate validation with minimal bandwidth, typically requiring a few hundred bytes per query, versus downloading large Certificate Revocation Lists (CRLs). This enables real-time revocation checks for use cases such as validating internal microservices communications, implementing zero trust security architectures, and authenticating IoT devices.
OCSP is now available in the following AWS Regions: China (Beijing), China (Ningxia), AWS GovCloud (US-East), and AWS GovCloud (US-West).
What to do
- Enable OCSP for your certificate authorities using the AWS Private CA console, AWS CLI, or API.
- Review the Certificate Revocation section in the AWS Private CA User Guide.
- Check the AWS Private CA pricing page for more information.
Source: AWS release notes
If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.
