I renewed my Amazon-issued SSL certificate or reimported my certificate to ACM. Why does CloudFront still show the old certificate?
I renewed my Amazon-issued SSL certificate on AWS Certificate Manager (ACM). Or, I reimported my SSL certificate to ACM. Why does Amazon CloudFront still show the previous version of the certificate?
Resolution
CloudFront might still use the previous certificate because the certificate renewal or reimport process is not yet complete. Renewing or reimporting a certificate is an asynchronous process, so several hours can elapse before CloudFront shows changes to the certificate.
To avoid certificate expiration issues, renew or reimport your certificate at least 24 hours before the NotAfter value of your current certificate. If you're within 24 hours of the certificate expiration, request a new certificate from ACM, or import a new certificate to ACM. Then, associate the new certificate to the CloudFront distribution.
Related information
Managed renewal for ACM certificates
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
Need more elaborate on term "several hours". If the max waiting time required is 24 hours before seeking help from AWS support, please address it in this doc. Thanks.
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 9 Monaten
- AWS OFFICIALAktualisiert vor 9 Monaten
- AWS OFFICIALAktualisiert vor 10 Monaten
- AWS OFFICIALAktualisiert vor 9 Monaten