aws client vpn - choice of certificate authority

Cal

5/12/23, 3:19 PM

I am tasked to research on how to use aws client vpn service. After some reading I am a bit confused with the choice of certificate. It seems to use the client vpn, we will need to use aws private CA, instead of public CA because the public one is for domains. But the pricing of private CA is somewhat a surprise, $400 for one CA per month plus any additional applicable.

Please correct me if it's not private CA for creating the client vpn. Thank you.

0 + 0

vpn

certificate-authority

amazon-web-services

Score:1

Server

Tim

5/12/23, 5:27 PM

You can use AWS Private CA, but it's very expensive. You can follow the AWS Getting Started Guide which uses a free "Easy RSA" CA, which is fairly easy.

You'll want to be careful with this in production. From memory it gives you a shared certificate / key that multiple people use, which isn't good for security. For an enterprise you'll probably want to use the AD integration feature of Client VPN, which I haven't looked into in any detail.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: aws client vpn - choice of certificate authority

TH: aws client vpn - ตัวเลือกของผู้ออกใบรับรอง

RO: aws client vpn - alegerea autorității de certificare

RU: aws client vpn — выбор центра сертификации

VI: aws client vpn - lựa chọn cơ quan cấp chứng chỉ

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.