Binding or Replacing a Certificate
Scenarios
You need to bind a certificate when you add an HTTPS listener to a load balancer. If the certificate used by a listener has expired or needs to be replaced due to other reasons, you can replace the certificate on the Listeners tab.
If the certificate is also used by other services such as WAF, replace the certificate on all these services to prevent service unavailability.
Note
Replacing a certificate and private keys does not affect your applications.
Notes and Constraints
- Only HTTPS listeners require certificates.
- If a certificate has expired, you need to manually replace or delete it.
- The new certificate takes effect immediately. The old certificate is used for established connections, and the new one is used for new connections.
Prerequisites
You have added a certificate by following the instructions in Adding a Certificate.
Binding a Certificate
You can bind certificates when you add an HTTPS listener. For details, see Adding an HTTPS Listener.
Replacing a Certificate
- Log in to the management console.
- Click
in the upper left corner of the console and select a desired region and project. - Click
in the upper left corner to display Service List and choose Network > Elastic Load Balance. - On the displayed page, locate the load balancer and click its name.
- Click the Listeners tab, locate the listener, and click Edit in Operation column.
- On the displayed dialog box, select a server certificate or CA certificate.
- Click OK in the Edit dialog box.
Parent topic: Certificate
- Scenarios
- Notes and Constraints
- Prerequisites
- Binding a Certificate
- Replacing a Certificate