top of page
CloudFront.10
CloudFront distributions should not use deprecated SSL protocols between edge locations and custom origins
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Amazon CloudFront
AWS Foundational Best Practice, NIST.800-53.r5,
This control checks if CloudFront distributions are using deprecated SSL protocols for HTTPS communication between CloudFront edge locations and your custom origins. This control fails for a CloudFront distribution if it has a 'CustomOriginConfig' where ‘OriginSslProtocols’ includes ‘SSLv3’.
bottom of page