SSL Certificates
These endpoints use certificates managed through AWS Certificate Manager / Amazon Trust Services. Use the normal trust store provided by your operating system, runtime, or browser where possible.
ACM Certificate Guidance
The certificates for these hostnames are issued and renewed through AWS Certificate Manager:
*.eziapi.comeziapi.com
Do not pin the leaf certificate or an intermediate CA for these endpoints. ACM may rotate or reissue certificates, and Amazon Trust Services guidance is to trust the root public keys if your application must pin.
For custom trust stores, include the non-EU Amazon Trust Services roots listed below. We are not using the AWS European Sovereign Cloud ACM roots.
Amazon Trust Services Roots
Amazon Trust Services publishes its current roots and pinning guidance in the Amazon Trust Services repository. For ACM help, see the AWS Certificate Manager documentation.
| Root CA | Distinguished name | SPKI SHA-256 | Certificate |
|---|---|---|---|
| Amazon Root CA 1 | CN=Amazon Root CA 1,O=Amazon,C=US |
fbe3018031f9586bcbf41727e417b7d1c45c2f47f93be372a17b96b50757d5a2 |
PEM / DER |
| Amazon Root CA 2 | CN=Amazon Root CA 2,O=Amazon,C=US |
7f4296fc5b6a4e3b35d3c369623e364ab1af381d8fa7121533c9d6c633ea2461 |
PEM / DER |
| Amazon Root CA 3 | CN=Amazon Root CA 3,O=Amazon,C=US |
36abc32656acfc645c61b71613c4bf21c787f5cabbee48348d58597803d7abc9 |
PEM / DER |
| Amazon Root CA 4 | CN=Amazon Root CA 4,O=Amazon,C=US |
f7ecded5c66047d28ed6466b543c40e0743abe81d109254dcf845d4c2c7853c5 |
PEM / DER |
| Starfield Services Root Certificate Authority - G2 | CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US |
2b071c59a0a0ae76b0eadb2bad23bad4580b69c3601b630c2eaf0613afa83f92 |
PEM / DER |