Skip to main content

IPv6, HTTPS, & Certificate Management

Overview

Cloud.gov enforces federal domain security standards:

  • Dual-stack IPv4/IPv6 networking for external endpoints in AWS GovCloud (US), satisfying OMB M-21-07’s IPv6 transition mandate.
  • High availability across multiple AZs: Application endpoints are load-balanced across multiple AWS GovCloud (US) Availability Zones for fault tolerance and automated failover.
  • Mandatory HTTPS for all inbound and outbound traffic, with automatic HTTP→HTTPS redirects and HSTS headers per OMB M-15-13 requirements.
  • FIPS-validated TLS termination at the platform edge using AWS security policies (ELBSecurityPolicy-TLS13-1-2-FIPS-2023-04).
  • Automated TLS certificate management via Let’s Encrypt’s ACME protocol, ensuring seamless issuance, renewal, and rotation across domains.
  • Optional DNSSEC for custom domains to prevent DNS spoofing; once enabled by the customer, Cloud.gov serves signed records transparently.

Customers should contact support@cloud.gov for any additional security or configuration questions.

GSA.gov

An official website of the U.S. General Services Administration

Looking for U.S. government information and services?
Visit USA.gov