Ends in
00
days
00
hrs
00
mins
00
secs
ENROLL NOW

🚀 25% OFF All Practice Exams, Video Courses, & eBooks – Cyber Week Blowout Deals!

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

Home » Others » How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

Last updated on August 28, 2024

Before diving into the steps on how to change an AWS ACM-generated SSL Certificate, it’s important to understand the basics and benefits of this service. Having a solid understanding will provide context for the actions we are about to take and help us appreciate the value AWS Certificate Manager (ACM) brings to the table.

What is the AWS Certificate Manager (ACM)?

 AWS Certificate Manager (ACM) is a service designed to streamline the provisioning, management, and deployment of public and private SSL/TLS certificates. These certificates are essential for securing network communications and verifying the identity of websites on the Internet, as well as resources on private networks.

Validating the AWS ACM Certificate Domain Ownership

Before the Amazon certificate authority (CA) can issue a certificate to your site,  AWS Certificate Manager (ACM) must verify that you own or control all of the domain names listed in your request. When requesting a certificate, you have the option of proving your ownership using Domain Name System (DNS) validation or email validation.

  • DNS Validation – This validation is recommended especially if using Amazon Route 53. ACM can automatically renew DNS-validated certificates.
Tutorials dojo strip

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

  • Email Validation – This validation type will require manual action for renewal. Notices are sent 45 days before expiration to WHOIS and common administrator addresses. You can also view the AWS Updates for this notice. Please note that the AWS Certificate Manager is immutable, this means that once you have created an email validation type, you cannot switch or change it to validate it with a DNS-based certificate. In this case, we have an email-based SSL validation, this existing SSL certificate cannot be changed to a DNS-based one.  How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

 

Changing the AWS ACM Certificate on Amazon CloudFront Distribution

Step 1: Navigate to AWS CloudFront, then click Distributions.

Step 2: Choose the distribution that contains the respective SSL Certificate that you want to change and select Edit.

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

Step 3: Select the dropdown and choose the newly created DNS Certificate 

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

Step 4: Click Save Changes.

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

We have successfully updated the distribution settings

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

Verifying the New AWS ACM Certificate

Step 1: Navigate to the domain. ie. media.tutorialsdojo.com

Step 2: Click the left icon beside the domain and select Connection is secure after that select Certification is valid.

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

Step 3: Navigate to Details tab to view the serial number 

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

Step 4: Since we now have the serial number, lets navigate to DNS Certificate to check if the serial number match

How to Change an AWS ACM Certificate on Amazon CloudFront Distribution

In conclusion, we have successfully demonstrated how to change an AWS ACM-generated SSL Certificate for a CloudFront distribution. We began by explaining the role of AWS Certificate Manager (ACM) in simplifying the provisioning, management, and deployment of SSL/TLS certificates, highlighting their importance in securing network communications and establishing the identity of websites and resources.

We explored the two methods of validating domain ownership: DNS validation, which is recommended for its ease of automatic renewal, especially with Amazon Route 53, and email validation, which requires manual renewal and cannot be switched to DNS validation once set.

We then provided a detailed, step-by-step guide on updating the SSL certificate in AWS CloudFront. Finally, we covered the verification process to ensure the new certificate is correctly applied by checking the certificate details and matching the serial number with the DNS certificate. By following these steps, the SSL certificate for the AWS CloudFront distribution is successfully updated and verified, ensuring secure and authenticated network communications for the domain.

🚀 25% OFF All Practice Exams, Video Courses, & eBooks – Cyber Week Blowout Deals!

Tutorials Dojo portal

Learn AWS with our PlayCloud Hands-On Labs

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

FREE AWS Exam Readiness Digital Courses

FREE AWS, Azure, GCP Practice Test Samplers

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

Follow Us On Linkedin

Recent Posts

Written by: Irene Bonso

Irene Bonso is currently thriving as a Junior Software Engineer at Tutorials Dojo and also an active member of the AWS Community Builder Program. She is focused to gain knowledge and make it accessible to a broader audience through her contributions and insights.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?