31

I can't remove the current cert because it's the default. So uh... how do I make the other one the default so I can remove the current default?


Note in the screenshot it says:

Select the certificates to remove from this listener

Note that you cannot remove the default certificate

please help

Alexander Mills

3 Answers

59

So it might help other people, as it was hard for me to find the correct option.

So here are the steps to change SSL for the load balancer.

  1. Click on the view and edit link and add one more certificate

  2. Add the new SSL you want to use with the LB

  3. Then select the listener, i.e. (443), and click on edit

  4. Set the new certificate added in step 2 as the default

Now you are good to remove the old certificate from the load balancer under step 2.

Community
Adiii

  • Thank God for your response and for the Stack Overflow community. Amazon should update this page: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-certificates.html – eugene Apr 05 '21 at 20:45
  • Step 2 should add the OLD SSL certificate again. Then Step 3 changes the DEFAULT SSL certificate to the NEW one. Otherwise, following the above steps, the ALB should have 2 NEW SSL certificates. Still, thanks very much for this answer. It saved a lot of time for me. – lcgogo Feb 11 '22 at 04:31
4

You can't edit the default certificate from that screen -- but you can edit it. The reason for the similar attributes not being editable in the same place is probably related to the evolution of ALB over time. Specifically, multiple certificates were not originally supported -- this feature was added later.

Select the load balancer and choose Listeners.

Select the check box for the listener and choose Edit.

For Default SSL certificate, do one of the following:

If you created or imported a certificate using AWS Certificate Manager, choose From ACM and choose the certificate.

If you uploaded a certificate using IAM, choose From IAM and choose the certificate.

https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-certificates.html#replace-default-certificate

Michael - sqlbot
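
The console steps in the two answers above (add the new certificate, make it the listener's default, then remove the old one), written as AWS CLI calls. This is an added example, not part of either answer; the function names are illustrative, the ARNs are values you supply, and it assumes the AWS CLI is configured with permission to modify the listener.

```shell
#!/bin/sh
# Added example: swap the default certificate on an ALB HTTPS listener and
# only then detach the old one. Function names are illustrative.

# Print the ARN of the listener's current default certificate.
default_cert() {
    aws elbv2 describe-listener-certificates \
        --listener-arn "$1" \
        --query 'Certificates[?IsDefault].CertificateArn' --output text
}

# Usage: rotate_default_cert LISTENER_ARN NEW_CERT_ARN OLD_CERT_ARN
rotate_default_cert() {
    listener=$1 new=$2 old=$3

    # Add the new certificate to the listener's certificate list.
    aws elbv2 add-listener-certificates --listener-arn "$listener" \
        --certificates "CertificateArn=$new" || return 1

    # Edit the listener: --certificates here sets the default certificate.
    aws elbv2 modify-listener --listener-arn "$listener" \
        --certificates "CertificateArn=$new" || return 1

    # Confirm the default really changed before removing anything, so a
    # failed swap never leaves the listener without the certificate in use.
    current=$(default_cert "$listener") || return 1
    if [ "$current" != "$new" ]; then
        echo "default is still '$current'; leaving $old attached" >&2
        return 2
    fi

    # The old certificate is no longer the default, so it can be removed.
    aws elbv2 remove-listener-certificates --listener-arn "$listener" \
        --certificates "CertificateArn=$old"
}
```

Source the file and call `rotate_default_cert` with the listener ARN, the new certificate ARN and the old certificate ARN, in that order.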
-1

One solution is to delete the current listener (HTTPS 443) that is using the certificate and create a new listener with a different certificate. Kind of annoying (especially if your listener has a lot of logical rules), but that seems to have worked for me.

Alive to die - Anant
Alexander Mills