For TLS connection to an Elastic Beanstalk Environment an AWS issued certificate is attached to the load balancer listener.
I recently had to create a new certificate to include an alternative domain name and changed the assigned certificate in the load balancer settings. This is a live environment, so there are clients that have an open connection to the load balancer. I wonder whether the old, unused certificate can be deleted immediately, or whether it is better to wait some hours in case it is cached anywhere on the client side and a client tries to validate it.
When is it safe to delete the old (unused) certificate from the AWS Certificate Manager?
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
