How do you replace an SSL Certificate that was already on an elastic load balancer?

0

I have an SSL certificate that has now expired. It was set up on a elastic load balancer. I simply want to reinstall my renewed SSL certificate. Everything im being told is about how to create a new ELB through the VPC. But all of that is already there. Am I creating a new one? Do I delete the old one? I tried to install the SSL through the E2C, but that was wrong as I was told I have an ELB and have to do it through the VPC. Now my app and system has stopped because it needs the secure server. I cannot get a straight answer. only how to create a new one from a classic bl. It seems like a 3 minute fix is taking days.

질문됨 2년 전1757회 조회
1개 답변
0

Hi There,

I understand that you want to replace an expired SSL Certificate that was already on an elastic load balancer.

If this is correct then you can change the certificate for the HTTPS listener.

To replace the certificate using the console [1] : 1- Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

2- On the navigation pane, under LOAD BALANCING, choose Load Balancers.

3- Select the load balancer and choose Listeners.

4- Select the check box for the listener and choose Edit.

5- For Default SSL certificate, do one of the following:

* If you created or imported a certificate using AWS Certificate Manager, choose From ACM and choose the certificate.

* If you uploaded a certificate using IAM, choose From IAM and choose the certificate.

6- Choose Update

Please note that you can also replace the certificate using the AWS CLI [1] :

by using the modify-listener [2] command.

I hope the information above is helpful.

===== references =====

[1] Replace the default certificate : https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-certificates.html#replace-default-certificate

[2] modify-listener : https://docs.aws.amazon.com/cli/latest/reference/elbv2/modify-listener.html

Mfanelo
답변함 2년 전
  • The certificate has already been replaced through that process. When I go to the website, it is still reporting that it is not secure. I was told that the certificate cannot be changed in the E2C (the space you said) for it to work, but has to be done through an ELB (which it already has). And I get to that area through the VPC. When I go to the VPC I have all of the subnets and everything already created. Something is still directing traffic to the old cert. So I was told that I needs to be configured in the ELB. But my question is am I creating a NEW ELB or is there a way to use the existing one I have? I don't want to create a new one and mess something up. but if I need to create a new one with new subnets and all that, then I will. And after I do that, I assume I delete the old one so there are no issues later?

    Its a matter of the public IP vs the private IP apparently.

  • Hi there,

    No, you do not need to create a new ELB, you can use the one you have been using as mentioned above, you only need to edit your listeners and select your new certificate from there, please note that you would need to Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/. to do this and follow the steps [1].

    You can also troubleshoot your SSL Certificate installation problems on your server including verifying that the correct certificate is installed, valid, and properly trusted by using a commonly used third-party website [2].

    Reference:

    [1] Replace the expired certificate : https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-certificates.html#replace-default-certificate

    [2] https://www.sslshopper.com/ssl-checker.html

  • Hi There,

    Were you able to identify the issue using https://www.sslshopper.com/ssl-checker.html ?

    Please note that you do not need to send your personal details as this is a public platform but feel free to share with me what error you are getting if any at all in order to resolve the issue you are getting.

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인