使用AWS re:Post即您表示您同意 AWS re:Post 使用条款
AWS re:Postre:Post

SSL/TLS Certificate

1

I have a certificate that is expiring soon. I went ahead and renewed the certificate via email validation but now I am stuck with where to upload the certificate in AWS

主题
安全、身份和合规性
标签
AWS 证书管理器
语言
English
AWS-User-4819156
已提问 2 年前276 查看次数
4 回答
0

Hi,

If the certificate is email-validated then it should reside inside AWS Certificate Manager and so you would be able to see it in the console or via the list-certificates API. In other words, the 'import' operation would not come into play here.

You are more than welcome of sharing more details about your use case and I would be happy to help further.

Thanks.

profile pictureAWS
Nicholas Doropoulos
已回答 2 年前
  • AWS-User-4819156
    2 年前

    Hi, Thank you for your answer, I do have the certificate I validated via email showing up in my AWS certificate manager along with the one that is about to expire. I the one I recently regenerated says its ineligible to be renewed and I don't know what step to take to make it eligible before the 29th when my other one expires.

0

Hello. You may try to import your new cert to AWS Cert Manager (https://docs.aws.amazon.com/acm/latest/userguide/import-certificate-api-cli.html).

JapanTakeAWSConsole
已回答 2 年前
0

I haven't personally used AWS Certificate Manager before, however I recommend taking a look at the ACM documentation under Installing ACM Certificates. The documentation states that you must install the certs through the integrated AWS services you are using. See services integrated with ACM.

AWS
newrust
已回答 2 年前
0

Hi,

I am not 100% sure what you mean by the following:

"I the one I recently regenerated says its ineligible to be renewed and I don't know what step to take to make it eligible before the 29th when my other one expires."

If we are talking about how to make your email-validated certificate eligible for renewal you would need to satisfy two conditions:

  1. The certificate is associated with an AWS resource such as an ALB.
  2. You need to approve at least one validation email for every domain included in the domain scope of your certificate. Validation emails are sent by ACM automatically to the three contact addresses found in your WHOIS data and five common system addresses (i.e. admin@<yourdomainname>, administrator@<yourdomainname>, webmaster@<yourdomainname>, hostmaster@<yourdomainname>, postmaster@<yourdomainname>. These validation emails are sent automatically by ACM once on the 45th day prior to the certificate's expiration and they are only valid for 72 hours. If that time frame has passed you would need to call the resend-validation-email API for every domain and acknowledge them all within 72 hours.

If you are referring to another certificate altogether please share more details and I would be happy to help.

References:

profile pictureAWS
Nicholas Doropoulos
已回答 2 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则

相关内容