Replace SSL cert on a CloudFront Distribution without downtime

Replace SSL cert on a CloudFront Distribution without downtime

Content Index :

Replace SSL cert on a CloudFront Distribution without downtime
Tag : amazon-web-services , By : Frank Bradley
Date : January 11 2021, 03:34 PM

Does that help According to the response for this thread in AWS forums, there might be some downtime if you're going to replace the certificate. But as long as you keep the old one there might not be any problem.

No Comments Right Now !

Boards Message :
You Must Login Or Sign Up to Add Your Comments .

Share : facebook icon twitter icon

Remade developer cert, should I remake Distribution Cert?

Tag : ios , By : mikhaelrasputin
Date : March 29 2020, 07:55 AM
may help you . When you wipe your computer, you lose your public+private key pairs. This results in all certificates becoming invalid, and thus requiring you to remake each and every certificate. Don't forget that intermediate certificate (WWDR)

AWS CLI create cloudfront distribution: --distribution-config

Tag : amazon-web-services , By : kokok13
Date : March 29 2020, 07:55 AM
fixed the issue. Will look into that further The following JSON worked for me. I used get-distribution-config to generate it.
    "Comment": "example json",
    "CacheBehaviors": {
        "Quantity": 0
    "Logging": {
        "Bucket": null,
        "Prefix": null,
        "Enabled": false,
        "IncludeCookies": false
    "Origins": {
        "Items": [
                "S3OriginConfig": {
                    "OriginAccessIdentity": null
                "Id": "S3-origin",
                "DomainName": "example.s3.amazonaws.com"
        "Quantity": 1
    "DefaultRootObject": null,
    "PriceClass": "PriceClass_All",
    "Enabled": false,
    "DefaultCacheBehavior": {
        "TrustedSigners": {
            "Enabled": false,
            "Quantity": 0
        "TargetOriginId": "S3-origin",
        "ViewerProtocolPolicy": "allow-all",
        "ForwardedValues": {
            "Headers": {
                "Quantity": 0
            "Cookies": {
                "Forward": "none"
            "QueryString": false
        "SmoothStreaming": false,
        "AllowedMethods": {
            "Items": [
            "Quantity": 2
        "MinTTL": 0
    "CallerReference": "example",
    "ViewerCertificate": {
        "CloudFrontDefaultCertificate": true
    "CustomErrorResponses": {
        "Quantity": 0
    "Restrictions": {
        "GeoRestriction": {
            "RestrictionType": "none",
            "Quantity": 0
    "Aliases": {
        "Quantity": 0

How can I replace my CloudFront distribution with another without user downtime

Tag : amazon-web-services , By : besn
Date : March 29 2020, 07:55 AM
it fixes the issue You actually don't have to wait for the distribution to be deleted to reuse the cname. I do something similar.
create a new distribution that has identical settings as my current one, minus the cname settings remove the cname from the old distribution, save immediately add cname to new distribution update DNS to point to new distribution keep old distribution around until both are deployed disable and then delete, to clean up

How to use Amazon ACM cert with Cloudfront?

Tag : ssl , By : cameron
Date : March 29 2020, 07:55 AM
hope this fix your issue Note to self; reading helps :-)

AWS Cloudfront distribution does not show API Gateway distribution

Tag : amazon-web-services , By : Vrki
Date : March 29 2020, 07:55 AM
fixed the issue. Will look into that further It's created behind the scenes. You can't see it in your CloudWatch dashboard. That's what they mean when they say:
Related Posts Related QUESTIONS :
  • AWS site-to-site VPN high availability
  • S3 notification creates multiple events
  • AccessDenied on AWS Athena
  • Not able to connect to AWS documentDb from Lambda
  • AWS s3 sync to upload if file does not exist in target
  • Is there a pseudocolumn in Hive/Presto to get the "last modified" timestamp of a given file?
  • Can AWS CloudWatch triggers a lambda function when SQS receives new message?
  • Can't assign list value to json policy in Terraform
  • Do I need to pass AWS AccessKey and AccessSecret while running AWS batch?
  • AWS Textract StartDocumentAnalysis function not publishing a message to the SNS Topic
  • Modify AWS AMI periodically
  • Can't export a EC2 AMI to another account because the AWS Marketplace OS is obsolete
  • User Friendly Unique Identifier For DynamoDB
  • Trying to automatically register my EC2 instances in Route 53
  • How to run Parallel builds with AWS Codebuild?
  • Javascript - Cannot initialize a AWS Textract object with AWS-SDK
  • Avoid Terraform module to create duplicate resources?
  • AWS ECS Fargate Container Healthcheck command
  • How can I solve a problem with tls: internal error in kubernetes
  • S3 Batch Operations - "Reading the manifest is forbidden: Access Denied"
  • Gitlab runner unable to run aws commands
  • Specify version for yum in cloud formation template
  • What is the correct way to reference properties in Cloudformation?
  • Terraform + Route53 - manage existing record
  • Lambda returning Http 200 on timeout to API Gateway
  • Temporarily Stop/Deactivate ECS Fargate cluster or service
  • Unmarshal AWS IAM Document But Conditional string or []string in Doc
  • How to prevent spamming of AWS cloud front?
  • AWS Quicksight - How to deactivate sorting or sort data by month name
  • Running AWS Glue jobs in parallel
  • Alternative to AWS Lambda + NAT gateway
  • Trying to connect to Sybase and Azure SQL server using python with TLS enabled connections
  • AWS: add second internal load balancer to elastic beanstalk in terraform
  • How to architect serverless transformation of files
  • find a row from DynamoDB w/o hash and range key and delete it
  • Null Response while querying DynamoDB
  • Images folder lost after Elastic Bean Stalk restarted. Any way to restore them?
  • Aws Lambda display progress
  • How do I make my function run on a schedule instead of an API call using AWS SAM
  • Can't send message from lambda to aws sqs and no error is returned from aws-sdk
  • How to organize projects in AWS?
  • SNS with file attachment
  • AWS IAM User with access to a folder in an Amazon EC2 instance
  • How to invoke lambda when lex does not process the intent automatically?
  • When to use AWS Lambda and when to use Kubernetes (EKS)?
  • EB CLI only works as sudo; else gives 'DistributionNotFound'
  • Trigger email when a new record is created in DynamoDB
  • Step Functions AWS SAM CLI Local Connection Refused Error
  • Corda Node deployment on aws
  • best way to copy data from one aws queue (SQS) to another SQS
  • Internal networkloadbalancer wont route to instance X when curl from NLB DNS from instance X
  • Unable to ping Private IP of DMS Replication Instance from on-premises over Site-to-Site VPN & DMS source DB endpoin
  • Ampliy withAuthenticator v/s with withOAuth
  • Setup Ingress-Nginx rate limit rps for a specific path
  • Add to product list in AWS Service Catalog and Launch it
  • Cannot Restrict AWS Regions in my Account
  • How to check if the Key Pair is still used in EC2?
  • Amazon SQS message disappeared
  • DynamoDB Local Secondary Index vs Global Secondary Index
  • Using an AWS Network ACL versus an SG for access control?
  • shadow
    Privacy Policy - Terms - Contact Us © scrbit.com