By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Combining certificates from AWS Certificate Manager and AWS API Gateway

0

Any help really appreciated on the following - I am having issues with certain pages on my website giving the following error NET::ERR_CERT_DATE_INVALID this page is using the API gateway and the certificate has expired. I do have valid public certificates requested through AWS which are in use for my website but because this particular page is giving the above error, to solve this do I need to generate API Gateway certificates and then somehow combine them with my certificates from AWS Certificate manager? If so how do I go about that?

I also noticed that the expired certificate which is still in my list of certificates in AWS Certificate Manger has an associated resource with the AWS API account number but my current valid certificate does not have this resource included I hope all this makes sense. Thanks in advance for any help and advice.

Topics
ServerlessFront-End Web & MobileNetworking & Content DeliverySecurity, Identity, & Compliance
Tags
Amazon API GatewayAWS Certificate Manager
Language
English
rePost-User-6650419
asked a year ago528 views
2 Answers
0

Is the website caching an old certificate?
For example, if the web server is Apache, etc., wouldn't deleting the cache part solve the problem?

profile picture
EXPERT
Riku_Kobayashi
answered a year ago
  • rePost-User-6650419
    a year ago

    Hi, thanks for answering but no that was not the issue, I had an answer from someone on here but that answer is not showing here (but I had an email alert ) which resolved the issue. I will see about contacting support to get the answer put in

0

This is the answer which solved my issue instantly, but unfortunately I cannot credit the person who answered it as it is not listed as one of answers... but was emailed to me.
The error you are seeing (NET::ERR_CERT_DATE_INVALID) indicates that the SSL/TLS certificate presented by the API Gateway has expired, and the browser is refusing to establish a secure connection to the website. To solve this issue, you need to update the SSL/TLS certificate used by the API Gateway. You can do this by requesting a new certificate from AWS Certificate Manager and associating it with the API Gateway. Here are the steps you can follow: Request a new SSL/TLS certificate from AWS Certificate Manager for your domain. You can do this from the Certificate Manager console. Make sure the new certificate covers the domain name(s) used by your API Gateway. Once the certificate is issued and validated, go to the API Gateway console and select the API Gateway that needs to be updated. Click on the "Custom Domain Names" tab, and then select the domain name associated with the API Gateway. Click on the "Edit" button next to the "Security" section, and then select the new SSL/TLS certificate from the dropdown menu. Click "Save" to update the API Gateway configuration. Once the new certificate is associated with the API Gateway, the SSL/TLS certificate error should be resolved. Regarding the difference between the expired certificate and the current valid certificate, it's possible that the expired certificate was associated with an older version of the API Gateway, and the new certificate was created after some changes were made to the API Gateway. However, as long as the new certificate covers the domain name(s) used by the API Gateway, it should be sufficient for securing the connections to the API Gateway.

rePost-User-6650419
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content