对于现有的 AWS ACM 证书,我可以从 Email 验证切换到 DNS 验证吗?
[英]Can I switch from Email Validation to DNS Validation for already existing AWS ACM certificates?
问题描述
I've to Auto Renew expiring ACM certs and I'm not able to achieve that using the AWS PowerShell "Invoke-ACMCertificateRenewal" without manually clicking "I Approve" on the Validation Email.
我必须自动续订过期的 ACM 证书,但我无法使用 AWS PowerShell“Invoke-ACMCertificateRenewal”来实现这一点,而无需在验证 Email 上手动单击“我批准”。
I want to move to DNS Validation as this supports Auto-Renewal.我想转到 DNS 验证,因为它支持自动续订。 But, the AWS document- https://aws.amazon.com/blogs/security/easier-certificate-validation-using-dns-with-aws-certificate-manager/ covers only for New Certificates.但是,AWS 文档https://aws.amazon.com/blogs/security/easier-certificate-validation-using-dns-with-aws-certificate-manager/仅涵盖新证书。 Is it possible to switch from Email Validation to DNS Validation for EXISTING ACM Certificates ?是否可以从 Email 验证切换到现有 ACM 证书的 DNS 验证?
1 个解决方案
解决方案1
1 2020-09-08 13:09:58
According to the official AWS Certificate Manager FAQ , is is not possible to switch, you would have to create a new request:根据官方AWS Certificate Manager 常见问题,无法切换,您必须创建一个新请求:
Q. Can I convert an existing public certificate from email validation to DNS validation?
No, but you can request a new, free certificate from ACM and choose DNS validation for the new one.
You can go in ACM and simply request a new certificate for the same host using DNS Validation.您可以在 ACM 中使用 go,只需使用 DNS 验证为同一主机请求新证书。 Once certificate is issued you need to visit all your services tied to the old certificate and update to use the new one (for example an ELB or CloudFront)颁发证书后,您需要访问与旧证书相关的所有服务并更新以使用新证书(例如 ELB 或 CloudFront)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.