Back to All Checks
Low CloudFront

CloudFront distributions should use SNI to serve HTTPS requests

NISTHIPAA

Description

Checks if CloudFront distributions are using SNI to serve HTTPS requests. This control fails if a custom SSL/TLS certificate is associated but the SSL/TLS support method is a dedicated IP address.

Remediation

To configure a CloudFront distribution to use SNI to serve HTTPS requests, refer to the Amazon CloudFront Developer Guide.

Steps

  1. Open the Amazon CloudFront console.
  2. Choose the distribution to update.
  3. Navigate to the 'Distribution Settings' and select the 'SSL Certificate' section.
  4. Ensure the SSL support method is set to 'SNI-only'.
  5. Save changes.

Compliance

NISTHIPAA
Start Your Free Security Check