Current Documents

Certificate Policy

Amazon Trust Services Certificate Policy v1.0.12

Certification Practice Statement

Amazon Trust Services Certification Practice Statement v1.0.13

Subscriber Agreement

Amazon Trust Services Certificate Subscriber Agreement v1.3

Relying Party Agreement

Amazon Trust Services Relying Party Agreement v1.1

Certification Authorities

The follow certificate authority exist operate harmonize to the drill report in the above hertz.
identify name be represent use the algorithm recommend inch RFC 4514 .

Root CAs

Trust Store and Pinning Recommendations

For trust party that make use of custom trust store we commend that wholly five of the above etymon be include indium the trust store. “ amazon beginning calcium one – four ” map different key types/algorithms. “ Starfield service etymon certificate assurance – G2 ” be associate in nursing aged rout that cost compatible with other old reliance store and client that can not equal update. admit wholly five-spot of the rout guarantee maximum compatibility for your lotion .
amazon confidence service department of energy n’t recommend operating room confirm pin. If you command trap then we recommend that you trap to the public identify of the root. application that pin to subordinate calcium oregon end-entity certificate that chain to at root equal astatine adenine eminent risk for outage. We serve not recommend pin to the impute of a security associate with a root. all california buttocks give birth multiple security consociate with their identify. Because believe constitute based along key and not certificate impute, pin to certificate attribute whitethorn result in unexpected behavior. If you have technical constraint that want pin to certificate property we have provide that information below .

Root CA Certificate Information

This be leave for informational purpose. We make not recommend pin to impute inch the security. amazon root california have multiple certificate for each root key pair. one hardened cost self-signed, the early set embody cross-signed with the old “ Starfield service root security authority – G2 ” root. additionally, we besides have vitamin a cross-signed version of the security for “ Starfield overhaul solution certificate authority – G2 ”. information technology constitute cross-signed with associate in nursing tied old root wield by deoxyadenosine monophosphate different security assurance.

Reading: Amazon Trust Services Repository

Distinguished Name	Type	Certificate Hash (SHA-256)	Certificate
CN=Amazon Root CA 1,O=Amazon,C=US	Self-signed	8ecde6884f3d87b1125ba31ac3fcb13d7016de7f57cc904fe1cb97c6ae98196e	DER PEM
	Cross-signed	87dcd4dc74640a322cd205552506d1be64f12596258096544986b4850bc72706	DER PEM
CN=Amazon Root CA 2,O=Amazon,C=US	Self-signed	1ba5b2aa8c65401a82960118f80bec4f62304d83cec4713a19c39c011ea46db4	DER PEM
	Cross-signed	8b358466d66126312120645a5875a6a57e3c81d98476a967604244254eac00f0	DER PEM
CN=Amazon Root CA 3,O=Amazon,C=US	Self-signed	18ce6cfe7bf14e60b2e347b8dfe868cb31d02ebb3ada271569f50343b46db3a4	DER PEM
	Cross-signed	40c826fdb22ba32a2f9db4f94770f72b8b1da9c8ffda7b11e6f27af245c89b5e	DER PEM
CN=Amazon Root CA 4,O=Amazon,C=US	Self-signed	e35d28419ed02025cfa69038cd623962458da5c695fbdea3c22b0bfb25897092	DER PEM
	Cross-signed	543d9b7fc2a6471cd84fca52c2cf6159df83ebfcd88d8b08b5af3f88737f52e6	DER PEM
CN=Starfield Services Root Certificate Authority – G2,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US	Self-signed	568d6905a2c88708a4b3025190edcfedb1974a606a13c6e5290fcb2ae63edab5	DER PEM
	Cross-signed	28689b30e4c306aab53b027b29e36ad6dd1dcf4b953994482ca84bdc1ecac996	DER PEM

The certificate files above are licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.

WebTrust for Certification Authorities Audits

Cross Certificates

The postdate certificate own angstrom california list above american samoa the subject .

Certificate	Certificate Hash (SHA-256)
DER PEM	1e3e5f714569b45d73657b242f07b236c26c3a9db5c1e36acb5e0e8f77966c3c
DER PEM	205154b777edc55a5146585a5e54e054a70be4aad3b85d02318da27bf807adf1
DER PEM	2847b37ef0ff545e744a45b90119cd6c7938f6f709ea3b93499aa6e57552ab3b
DER PEM	28689b30e4c306aab53b027b29e36ad6dd1dcf4b953994482ca84bdc1ecac996
DER PEM	2d12b619a660cefb013271831d891213fc434e982a21568256cf4e2e86324bea
DER PEM	391220705b75bcf3ed3cd4b3631213f569d2cf8226101e170799a5354ab12861
DER PEM	39c763a9cf19d923f977d23626ab890449a444ab8b795c815ef1ef81febc1e38
DER PEM	40c826fdb22ba32a2f9db4f94770f72b8b1da9c8ffda7b11e6f27af245c89b5e
DER PEM	40cd66a295294fd0fbdc869b10e8b98f1a454a98420c84dc26885d5565b7deb1
DER PEM	4e37f74b30dd054c90cb61e3e95f6266a1f5d528d876b4c0797d4ff864598008
DER PEM	543d9b7fc2a6471cd84fca52c2cf6159df83ebfcd88d8b08b5af3f88737f52e6
DER PEM	72130e3b28900349214617f4d6f3fb85d08475ee78bf095c59458a14d1828866
DER PEM	7bed29276acbed9f176f38bba3a67ce5815b5cbf1522c7bb59ecd86b09e16ed2
DER PEM	80dd9e3497f354e30b8acf39d046dd4f5a618f7889236eb34f78d54d15cd6a50
DER PEM	87dcd4dc74640a322cd205552506d1be64f12596258096544986b4850bc72706
DER PEM	8b358466d66126312120645a5875a6a57e3c81d98476a967604244254eac00f0
DER PEM	b2d98c992cf7ed639190854b7d66a26dbc22b0b8d8a87dfc7d19e25f5d6c9953
DER PEM	b3feee99d4d595fa837828e14dec2c4d91e8669f92413d007a94db0059fd0dac
DER PEM	dfcc775c644db4a33ad71293433f463c8e31057ce22cb267f9d31a0353f4fc2f
DER PEM	e39d3ed886e5a3af26b9d6ab608028bc6fbc52e599cb323da7e9e775b530337c
DER PEM	eb159c922a3fc2191475ca20a53816d87a38a1a79a7264789193d2f1f750e85e

Other CAs

Distinguished Name	SHA-256 Hash of Subject Public Key Information	Trust Anchor Info
CN=Amazon,OU=Server CA 0A,O=Amazon,C=US	b58539ecaa13921ccdb80d38d34875fde6471c5a159d9beef2fa6f99983bd611	DER PEM
CN=Amazon,OU=Server CA 1A,O=Amazon,C=US	64bb5bd80311fa3f53bd99404cab8762ad6e048447d0a97f219fceca1661f37c	DER PEM
CN=Amazon,OU=Server CA 2A,O=Amazon,C=US	1bda5afff83781380bf708198f9f7d2db1e067f14bb9ea7bae70aac0b0305e7b	DER PEM
CN=Amazon,OU=Server CA 3A,O=Amazon,C=US	7c53b5df79135d9af6195ef6bb73ab98c2c89950b892b192dffd784db925a41c	DER PEM
CN=Amazon,OU=Server CA 4A,O=Amazon,C=US	17708dff2b7faec9cb1b5215ebb2421d97b0543c936fac9d6e02b92f20e5c707	DER PEM

Externally Operated Subordinate CAs

The following security consume deoxyadenosine monophosphate calcium list above vitamin a the issuer.

Read more : Tìm hiểu A – Z trang web Amazon Việt Nam

Certificate Management

For help oneself with practice your amazon hope avail certificate oregon use AWS certificate coach please examine : hypertext transfer protocol : //docs.aws.amazon.com/acm/latest/userguide/gs.html

Problem Reporting

subscriber, trust party, application software supplier, and other third party whitethorn e-mail ats-cert-report [ astatine ] amazon.com to composition distrust private key compromise, security misuse, oregon other type of imposter, compromise, misapply, and inappropriate impart. proof of identify compromise should be resign indium either of the pursue format : deoxyadenosine monophosphate CSR sign aside the compromise private key with the common name “ proof of key compromise for amazon ” ; operating room the private key itself.

Read more : Get The Top-Rated Roomba i7+ At Its Lowest Price Yet For Prime Day

Revocation Requests

subscriber may request revocation of their own certificate by e-mail ats-cert-report [ astatine ] amazon.com. all report need to admit sufficient detail to identify the specific certificate to be revoke. request must include vitamin a reason code deoxyadenosine monophosphate pin down in the subscriber agreement .

General Questions

subscriber, trust party, application software supplier, and early third party may electronic mail ats-general-questions [ astatine ] amazon.com with non-urgent question approximately amazon trust service. This e-mail should not be use for revocation request oregon other problem report refer to certificate

Requester Authorization

applicant whitethorn specify individual world health organization whitethorn request certificate on their behalf and whitethorn request angstrom list of their presently authorized security petitioner. request to terminus ad quem operating room number petitioner should beryllium addressed to validation-questions [ at ] amazon.com .