2 Answers
- Newest
- Most votes
- Most comments
2
Hi,
AWS Certificate Manager can support the re-import feature. The ARN of the certificate will not change and the newly imported certificate will be automatically deployed to the associated resources. However, during the reimport process we have some restrictions on old and new certificate:
- You can add or remove domain names.
- You cannot remove all of the domain names from a certificate.
- If Key Usage extensions are present in the originally imported certificate, you can add new extension values, but you cannot remove existing values.
- If Extended Key Usage extensions are present in the originally imported certificate, you can add new extension values, but you cannot remove existing values.
- The key type and size cannot be changed.
- You cannot apply resource tags when reimporting a certificate.
However, there is no restriction that your Issuer must be the same CA, so even if the CA is changed, you still can perform reimport as long as the above conditions are met.
https://docs.aws.amazon.com/acm/latest/userguide/import-reimport.html
answered 8 months ago
0
Thank you, I will proceed then to reimport it later on. Cheers!
answered 8 months ago
Relevant content
- Accepted Answerasked 6 years ago
- AWS OFFICIALUpdated 3 months ago
- How do I get notified when the certificate associated to the Client VPN endpoint is about to expire?AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 3 months ago