AWS Certificate Manager certificate renewal


The certificate renewal process was unsuccessful due to Cloudflare configuration for our domain (Cloudflare just blocked Let's Encrypt validation requests). Approximately 7 hours ago we updated the Cloudflare configuration and it shouldn't block Let's Encrypt anymore, but we still didn't receive any requests from them, and our SSL certificate is still pending validation. Unfortunately for us, this certificate expires today, and we don't have a lot of time for that. I've tried requesting a new one, but it was also unsuccessful (certificate validation failed), and importing the Cloudflare origin certificate also was unsuccessful (import failed). I can't find any logs to debug that, and can't force Cert Manager to try to validate us one more time. Please help us.

asked 2 years ago, 525 views
1 Answer

1. To renew an imported certificate, you can obtain a new certificate from your certificate issuer and then manually re-import it into ACM. This action preserves the certificate's association and its Amazon Resource Name (ARN). Alternatively, you can import a completely new certificate. Multiple certificates with the same domain name can be imported, but they must be imported one at a time.
2. You can use an imported certificate with any AWS service that is integrated with ACM. The certificates that you import work the same as those provided by ACM, with one important exception: ACM does not provide managed renewal for imported certificates.
3. Make sure you configured your 3rd party (Cloudflare) settings appropriately.
Reference links:
answered 2 years ago
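
As an added example (not part of the original question or answer): the ACM DescribeCertificate response carries the per-domain validation state the question asks about, and its `Type` field shows whether managed renewal applies at all, as point 2 of the answer notes. The function below triages such a response; the field names are those of the DescribeCertificate API, and the sample domain and CNAME values are constructed placeholders.

```python
import json

# Constructed sample in the shape of `aws acm describe-certificate` output.
# The domain and CNAME values are placeholders, not taken from the post.
SAMPLE = json.loads("""
{"Certificate": {
  "Type": "AMAZON_ISSUED",
  "Status": "ISSUED",
  "RenewalEligibility": "ELIGIBLE",
  "RenewalSummary": {
    "RenewalStatus": "PENDING_VALIDATION",
    "DomainValidationOptions": [
      {"DomainName": "example.com", "ValidationMethod": "DNS",
       "ValidationStatus": "PENDING_VALIDATION",
       "ResourceRecord": {"Name": "_placeholder.example.com.", "Type": "CNAME",
                          "Value": "_placeholder.acm-validations.aws."}},
      {"DomainName": "www.example.com", "ValidationMethod": "DNS",
       "ValidationStatus": "SUCCESS"}
    ]}}}
""")


def triage(response):
    """List the reasons an ACM certificate is not renewing, from DescribeCertificate data."""
    cert = response["Certificate"]
    if cert.get("Type") == "IMPORTED":
        # Imported certificates get no managed renewal; a replacement is re-imported to the same ARN.
        return ["imported certificate: no managed renewal, re-import a replacement"]
    findings = []
    if cert.get("FailureReason"):
        findings.append(f"request failed: {cert['FailureReason']}")
    renewal = cert.get("RenewalSummary", {})
    if renewal:
        reason = renewal.get("RenewalStatusReason")
        findings.append(f"renewal: {renewal['RenewalStatus']}" + (f" ({reason})" if reason else ""))
    # During a renewal the per-domain state is under RenewalSummary; for a new request it is top-level.
    domains = renewal.get("DomainValidationOptions") or cert.get("DomainValidationOptions", [])
    for d in domains:
        status = d.get("ValidationStatus", "UNKNOWN")
        if status == "SUCCESS":
            continue
        rec = d.get("ResourceRecord")
        if d.get("ValidationMethod") == "DNS" and rec:
            findings.append(f"{d['DomainName']}: {status}, needs {rec['Type']} {rec['Name']} -> {rec['Value']}")
        else:
            findings.append(f"{d['DomainName']}: {status} via {d.get('ValidationMethod', 'unknown method')}")
    return findings


if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

For DNS validation, the CNAME it reports is the record that has to resolve publicly, so it can be compared directly with what the DNS provider actually serves.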
