🔐 Central SSL Management Node
ssl.ewaycorphosting.com
This server issues, renews, and distributes SSL certificates.
🔒
Certificate Status
TLS 1.3 · Let's Encrypt Authority X3
Domain
ssl.ewaycorphosting.com
Status
✓ VALID
Issued By
Let's Encrypt — Certbot (HTTP-01)
Cert Path
/etc/letsencrypt/live/ssl.ewaycorphosting.com/fullchain.pem
Key Path
/etc/letsencrypt/live/ssl.ewaycorphosting.com/privkey.pem
Auto-Renewal
systemd timer · daily
Protocol
TLSv1.3 TLSv1.2
HSTS
Enabled · max-age=31536000
✅
Apache Running
HTTP-01 challenge endpoint active at /.well-known/acme-challenge/
✅
SSM Agent Active
Cross-account cert deployment ready via AWS Systems Manager
✅
Secrets Manager
Certs stored under ssl/* namespace in AWS Secrets Manager
✅
IAM Roles Configured
CentralSSLManagerRole trusted by all child account SSLDeploymentRoles
✅
Auto-Renewal Timer
ssl-manager.timer runs daily, renews certs expiring within 30 days
✅
Firewall (UFW)
Only SSH (22) and HTTP (80) open. All other inbound traffic blocked
ubuntu@ssl-server:~$ sudo systemctl status ssl-manager.timer ● ssl-manager.timer - Run SSL Manager Certificate Renewal Daily Loaded: loaded (/etc/systemd/system/ssl-manager.timer; enabled) Active: active (waiting) Trigger: 2025-01-15 02:34:00 UTC — 18h 22min left ubuntu@ssl-server:~$ certbot certificates Found the following certs: Certificate Name: ssl.ewaycorphosting.com Domains: ssl.ewaycorphosting.com Expiry Date: 2025-04-10 (VALID: 87 days) Certificate Path: /etc/letsencrypt/live/ssl.ewaycorphosting.com/fullchain.pem Private Key Path: /etc/letsencrypt/live/ssl.ewaycorphosting.com/privkey.pem ubuntu@ssl-server:~$ /opt/ssl-manager/scripts/health-check.sh === SSL Manager Health Check === Apache Status: active SSM Agent Status: active AWS CLI Version: aws-cli/2.x Certbot Version: 2.x.x Certificate Count: 140 ================================ ubuntu@ssl-server:~$