Feature Request: Support Certificate Type Restrictions

### Problem:

Customers wish to restrict certificates on both the local and peer side of connections. Additionally customers wish to be able to restrict certificate key types. This issue will be used for tracking the implementation of this feature.

### Solution:

- [x] apply `certificate_signature_preferences` local certs
- [x] add a `certificate_key_preferences` field to the security policy
- [ ] add compliance rule for RFC9151 support
- [ ] retrieve the associated digest from rsa-pss signatures to fully support RSA-PSS certs

[//]: #  (NOTE: If you believe this might be a security issue, please email aws-security@amazon.com instead of creating a GitHub issue. For more details, see the AWS Vulnerability Reporting Guide: https://aws.amazon.com/security/vulnerability-reporting/ )


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature Request: Support Certificate Type Restrictions #4339

Problem:

Solution:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development