Any advice on moving between certs? #4558
Unanswered
adamdavis40208
asked this question in
Q&A
Replies: 1 comment
-
|
This is a pain point while using certificate discovery. If you know 100% the cert you want to use, I'd recommend specifying the cert ARN directly, rather than relying on discovery. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
We currently have two valid certs for a hostname. One is email renewal (cert A), and we would like to let it expire. The other is DNS renewal (cert B), and want to continue using this one.
Right now we use certificate discovery, so it's pretty even which cert our LBs are attached to.
Do you have any advice to moving everything to cert B before cert A expires? Or are we overthinking this?
there's a "allowed-certificate-authority-arns" config, it'd be nice to specify which cert ARNs to allow/ignore as well.
Thanks in advance!
Beta Was this translation helpful? Give feedback.
All reactions