The amzon-efs-utils package comes preinstalled on Amazon Linux and Amazon Linux 2 Amazon Machine Images (AMIs).
By default, when using the Amazon EFS mount helper with Transport Layer Security (TLS), the mount helper enforces certificate hostname checking. The Amazon EFS mount helper uses the stunnel program for its TLS functionality. Some versions of Linux don't include a version of stunnel that supports these TLS features by default. When using one of those Linux versions, mounting an Amazon EFS file system using TLS fails.
When you've installed the amazon-efs-utils package, to upgrade your system's version of stunnel, see Upgrading stunnel.
You can use AWS Systems Manager to manage Amazon EFS clients and automate the tasks required to install or update the amazon-efs-utils package on your EC2 instances. For more information, see Using AWS Systems Manager to automatically install or update Amazon EFS clients.
For issues with encryption, see Troubleshooting Encryption.