Why does CloudFront show my old Amazon-issued SSL certificate, even after I renew or reimport the certificate?
I renewed my Amazon-issued SSL certificate on AWS Certificate Manager (ACM), or I reimported my SSL certificate to ACM. However, Amazon CloudFront still shows the previous version of the certificate.
Resolution
If the certificate renewal or reimport process isn't yet complete, CloudFront might still use the previous certificate. Renewing or reimporting a certificate is an asynchronous process, and it can take up to 24 hours until CloudFront shows those changes.
To avoid certificate expiration issues, renew or reimport your certificate at least 24 hours before the NotAfter value of your current certificate. If you're within 24 hours of the certificate expiration, then request a new certificate from ACM or import a new certificate to ACM. Then, associate the new certificate to the CloudFront distribution.
Related information
Managed renewal for ACM certificates
Need more elaborate on term "several hours". If the max waiting time required is 24 hours before seeking help from AWS support, please address it in this doc. Thanks.
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 5 Monaten
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 6 Monaten