Changes to RSA certificate requirements coming April 28, 2025

## Announcement

We're changing how Application Load Balancers establish TLS connections to backends. This change fixes a problem where the keyUsage extension of RSA certificates was not validated consistently, which could allow a backend certificate to be accepted that should have been rejected based on its keyUsage configuration.

**What you need to do**

_Starting April 28, 2025_, RSA certificates that don't meet the keyUsage requirements will no longer be considered valid for establishing TLS connections. We recommend that you check whether your backends' RSA certificates are invalid and replace them with valid certificates if needed.

A valid RSA certificate is one that carries the X509v3 Key Usage extension and has both the Digital Signature (`digitalSignature`) and Key Encipherment (`keyEncipherment`) bits set. A certificate with no Key Usage extension at all, or with only one of the two bits, does not meet the requirement.

To identify an invalid RSA certificate, perform the following steps:

1. Confirm that the certificate is an RSA certificate by running:

   `openssl x509 -noout -text -in cert.crt | grep "Public Key Algorithm"`

   For RSA certificates, this outputs `Public Key Algorithm: rsaEncryption`. If the certificate is not RSA (for example, an EC certificate, which shows `id-ecPublicKey`), you don't need to take any further action at this time.

2. If it is an RSA certificate, examine the Key Usage extension by running:

   `openssl x509 -noout -text -in cert.crt | grep -A1 "X509v3 Key Usage"`

   For a valid RSA certificate, the line following the `X509v3 Key Usage` header lists `Digital Signature, Key Encipherment` (other bits may also appear, and the header line may be marked `critical`). If either of these two values is not present, or the command prints nothing because the certificate has no Key Usage extension, the RSA certificate is invalid.

If a certificate is stored DER-encoded rather than PEM, add `-inform DER` to the `openssl x509` commands above.

For more information about the X.509 certificate format, see [RFC 5280 Key Usage](https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3).
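The two manual steps above can be folded into one script that classifies each certificate as compliant, non-compliant, or not RSA (and therefore out of scope). The following POSIX shell script is an added example written for this page, not code from the announcement or the load balancer product. The function names (`classify_cert_text`, `check_cert_file`) and the verdict strings are this example's own; the embedded certificate dumps are constructed, abridged imitations of `openssl x509 -text` output rather than real certificates; and the file-checking wrapper assumes `openssl` is on `PATH`.

```shell
#!/bin/sh
# Added example: classify certificates against the keyUsage requirement described above.
# Verdicts:
#   OK         RSA certificate with both Digital Signature and Key Encipherment
#   INVALID    RSA certificate with no Key Usage extension, or missing one of the two bits
#   NOT_RSA    not an RSA certificate (for example EC); no action needed
#   UNREADABLE openssl could not parse the file
# Function and verdict names are this example's own, not a provider API.

# classify_cert_text DUMP
# DUMP is the text produced by `openssl x509 -noout -text`. Prints one verdict.
classify_cert_text() {
    dump=$1

    # Step 1: key type. Only "rsaEncryption" is RSA; EC certificates show "id-ecPublicKey".
    alg=$(printf '%s\n' "$dump" \
        | sed -n 's/^[[:space:]]*Public Key Algorithm:[[:space:]]*//p' \
        | head -n 1)
    if [ "$alg" != "rsaEncryption" ]; then
        echo NOT_RSA
        return 0
    fi

    # Step 2: the bit list sits on the line after the "X509v3 Key Usage" header
    # (the header itself may carry "critical"). The pattern does not match
    # "X509v3 Extended Key Usage", so EKU purposes cannot be mistaken for KU bits.
    # A certificate without the extension yields an empty string here, which
    # fails the requirement exactly like a missing bit.
    usage=$(printf '%s\n' "$dump" | sed -n '/X509v3 Key Usage/{n;p;}' | head -n 1)
    case "$usage" in
        *"Digital Signature"*) ;;
        *) echo INVALID; return 0 ;;
    esac
    case "$usage" in
        *"Key Encipherment"*) echo OK ;;
        *) echo INVALID ;;
    esac
}

# check_cert_file FILE [PEM|DER]
# Dumps a certificate file with openssl (PEM unless told otherwise) and classifies it.
check_cert_file() {
    dump=$(openssl x509 -inform "${2:-PEM}" -in "$1" -noout -text 2>/dev/null) || {
        echo UNREADABLE
        return 0
    }
    classify_cert_text "$dump"
}

# Constructed, abridged dumps (not real certificates) covering each verdict.
SAMPLE_RSA_OK='        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication'

SAMPLE_RSA_MISSING_BIT='        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
        X509v3 extensions:
            X509v3 Key Usage: critical
                Key Encipherment'

SAMPLE_RSA_NO_KU='        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
        X509v3 extensions:
            X509v3 Extended Key Usage:
                TLS Web Server Authentication'

SAMPLE_EC='        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature'

# Stand-alone run: classify the constructed samples, then any certificate files
# passed as arguments (for example: ./check_ku.sh backend1.crt backend2.crt).
printf 'RSA, both bits:       %s\n' "$(classify_cert_text "$SAMPLE_RSA_OK")"
printf 'RSA, one bit only:    %s\n' "$(classify_cert_text "$SAMPLE_RSA_MISSING_BIT")"
printf 'RSA, no KU extension: %s\n' "$(classify_cert_text "$SAMPLE_RSA_NO_KU")"
printf 'EC certificate:       %s\n' "$(classify_cert_text "$SAMPLE_EC")"
for f in "$@"; do
    printf '%s: %s\n' "$f" "$(check_cert_file "$f")"
done
```

Run it against the backend certificates you deploy today; anything reported `INVALID` needs to be reissued with both bits before the cut-over date, while `NOT_RSA` entries can be ignored for this change. Parsing the text dump rather than grepping the raw output means a certificate with the extension entirely absent is reported as `INVALID` instead of producing no output at all.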