-1

I have a few certificates that were purchased on RapidSSL/Symantec, and I have switched to them to the AWS Certificate Manager (AWS Issued). My certificates on RapidSSL are expiring in 20 days and I was wondering what should/must be done to make sure the transition from RapidSSL to AWS goes seamlessly.

Are there steps that must be taken, or does AWS Certificate Manager instantly take over once the RapidSSL certs expire?

risenmyth
  • 9
  • 1
  • Which certificate you linked with your service, the one issued with RapidSSL or AWS Issued one? – Ashan Jul 07 '17 at 17:06
  • @Ashan these certificates are for the webserver, so they should be included in the /etc/ssl/ path – risenmyth Jul 07 '17 at 17:29
  • What is your current setup, do you have Application Load Balancer infront of your EC2 instances? – Ashan Jul 07 '17 at 17:32
  • No, there is no LB in front of my EC2 instance in question. I use apache/httpd, which points to `/etc/httpd/ssl/`. Also a line that points to `SSLCACertificateFile /etc/httpd/ssl/rapidssl.intermediate.crt` – risenmyth Jul 07 '17 at 17:40

1 Answers1

0

At the moment, certificates provided by ACM can only be used with specific AWS services.

  • Elastic Load Balancing
  • Amazon CloudFront
  • Amazon API Gateway
  • AWS Elastic Beanstalk

To use ACM certificate, it would required you to use one of these services infront of your EC2 instance configured with ACM certificate and forwarded traffic to EC2. You can keep them without enabling HTTPS. When your RapidSSL certificate expires in EC2, you need to manually enable HTTPS in the service you used infront and then remove the RapidSSL certificate from EC2.

Note: Also you can make the entire process automated by using AWS CLI if needed which requires additional effort.

Ashan
  • 18,898
  • 4
  • 47
  • 67