S3 migrating certs- how does this affect Discourse sites?

We received an email from AWS saying they are migrating their certificates to a different service. Can someone please explain how this might affect Discourse sites? As far as I know, there are two Discourse use cases for S3:

We use S3 only for backups, but it may be helpful to others if someone could break this down for both use cases.

Here’s the first paragraph of the email- entire email is attached.

This is a reminder that Amazon Simple Storage Service (S3) and Amazon CloudFront are both migrating their services’ certificates from DigiCert to Amazon Trust Services starting March 23, 2021. If you do not send HTTPS traffic directly to your S3 bucket, or only use custom domains like www.example.com with your CloudFront distribution, then there is no impact and you can disregard this message. If you do send HTTPS traffic directly to your S3 bucket, or use CloudFront domains covered by *.cloudfront.net, please continue reading and review the FAQ below on which certificates are migrating.

aws_email.txt (3.4 KB)

From my reading …

if you build custom certificate trust stores or use certificate pinning, you may need to alter your configurations

… unless you do either of those things, then you don’t need to do anything.


Thanks @codinghorror, I have a standard install and don’t know what those two things mean, so I guess I’m good.