CLIENT AREACall Us 1-800-383-5193


Call Us 1-800-383-5193


Call Us 1-800-383-5193

Need help?

Our experts have had an average response time of 11.7 minutes in August 2021 to fix urgent issues.

We will keep your servers stable, secure, and fast at all times for one fixed price.

Cloudfront shows old SSL Certificate – How to fix

by | Jul 25, 2021

Wondering how to fix “Cloudfront shows old SSL Certificate” ? We can help you!

Often our customers report to us that even after renewing Amazon-issued SSL certificate on AWS Certificate Manager (ACM) CloudFront shows the previous version. This is the same if the SSL certificate is reimported to ACM.

Here at Bobcares, we fix similar issues of our customers as a part of our Server Management Services.

Today let’s see how our Support Engineers do this for our customers.

How to fix Cloudfront showing old SSL Certificate

We can fix this issue by Importing a new certificate.

This can be done either by using the AWS Management Console, the AWS CLI, or the ACM API.

Importing via console

Following are the steps our Support Techs use for importing a certificate using the AWS Management Console:

1.. Firstly, open the ACM console at

2. Then select Import a certificate.

3. After that we must do the following:

a) For Certificate body we must paste the PEM-encoded certificate to import.

The certificate may begin with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----.

b) And for Certificate private key we must paste the certificate’s PEM-encoded, unencrypted private key.

This certificate may begin with -----BEGIN PRIVATE KEY----- and end with -----END PRIVATE KEY-----.

4. Now click on Review and import.

5. Then check the displayed metadata about the certificate to ensure that it is what we intended.

The fields include the following:

Domains — A list of fully qualified domain names (FQDN) authenticated by the certificate
Expires in — The number of days until the certificate expires 
Public key info — The cryptographic algorithm used to generate the key pair 
Signature algorithm — The cryptographic algorithm used to create the certificate's signature
Can be used with — A list of ACM integrated services that support the type of certificate you are importing

6. Finally if everything seems to be fine, click Import.

Importing via AWS CLI

In the following example we will see how to import a certificate using the AWS Command Line Interface (AWS CLI).

We will assume the following for importing certificate in this example:

The PEM-encoded certificate is stored in a file named Certificate.pem. The PEM-encoded certificate chain is stored in a file named CertificateChain.pem. The PEM-encoded, unencrypted private key is stored in a file named PrivateKey.pem.

We can use the following command to import certificate:

$ aws acm import-certificate --certificate fileb://Certificate.pem \ --certificate-chain fileb://CertificateChain.pem \ --private-key fileb://PrivateKey.pem

If the import-certificate command is successful, it returns the Amazon Resource Name (ARN) of the imported certificate.

[Need assistance? We can help you]


To conclude, we saw the steps that our Support Techs follow to fix cloudfront issue of showing old SSL certificate.


Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.


var google_conversion_label = "owonCMyG5nEQ0aD71QM";


Submit a Comment

Your email address will not be published. Required fields are marked *