For TLS connection to an Elastic Beanstalk Environment an AWS issued certificate is attached to the load balancer listener.
I recently had to create a new certificate to include an alternative domain name and changed the assigned certificate in the load balancer settings. This is a live environment, so there are clients that have an open connection to the load balancer. I wonder whether the old, unused certificate can be deleted immediately, or whether it is better to wait some hours in case it is cached anywhere on the client side and a client tries to validate it.
When is it safe to delete the old (unused) certificate from the AWS Certificate Manager?
question from:
https://stackoverflow.com/questions/65601807/when-is-it-safe-to-delete-a-ssl-certificate-in-aws-certificate-manager 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
