how to add a domain to an existing SSL certificate on aws

amazon-web-services ssl aws-certificate-manager
Erich picture Erich · Apr 3, 2017 · Viewed 8.7k times · Source

I have an SSL certificate associated with a load balancer on Amazon Web Services. I would like to have an additional domain on that certificate. My questions are:

  1. Is it possible to add an additional domain to an EXISTING ssl certificate on aws? I see that you can add additional names when you create one, but I don't see how to do it with an existing certificate.

  2. If no to 1, is it possible to associate 2 certs with the load balancer? Or do I need to create a new one that includes both domains and replace the cert with the new one?

Thank you for your advice.

Answer

Michael - sqlbot picture Michael - sqlbot · Apr 4, 2017

It is not possible to do either of these things.

Certificates can never be modified -- that would invalidate them.

Balancers cannot attach more than one certificate to a given listener, and can't have more than one listener on a port.

Your solution is to create a new certificate with all of the needed domain names, and swap them out.

Related questions

AWS ACM wildcard ssl certificate not working on domain

I created a SSL certificate for my site using Amazon Certificate Manager. The certificate is for *.example.com. I have then attached this certificate to my ELB and have left the instance protocol as http. So SSL chain is only …

Read More
Can I share ACM SSL certificates between AWS acounts

I have a few AWS accounts where I manage DNS addresses and ACM SSL certificates. I have a top-level.com domain in one account and another account manages subdomain.top-level.com. I created some SSL certificates with ACM on the …

Read More
How to Configure SSL for Amazon S3 bucket

I am using an Amazon S3 bucket for uploading and downloading of data using my .NET application. Now my question is: I want to access my S3 bucket using SSL. Is it possible to implement SSL for an Amazon s3 …

Read More