If you landed here, I would like to get your feedback on a Certificate Validation Service that I've been playing with.

It is currently running on AWS Elastic Beanstalk, via the AWS API Gateway with a custom TLS domain.

It is accessible for testing via the following URLs:


    1. mTLS VIP, which *might* only honor Treasury Certificates via FCPCAG2

      1. Otherwise, you may receive a connection reset with mTLS failure


    1. No TLS, not recommended, will redirect to default below


    1. default

The source code is accessible at this address:

If you have concerns, or; you do not agree with the approach:

  1. Open an Issue, or;

  2. Create a pull request with your suggested changes.

Thanks for your time, and I look forward to your feedback!


Todd E. Johnson