Scenarios
You need to bind a certificate when you add an HTTPS listener to a load balancer. If the certificate used by the load balancer has expired or needs to be replaced due to other reasons, you can replace the certificate.
If the certificate is also used by other services such as WAF, replace the certificate on all these services to prevent service unavailability.
Replacing certificates and private keys does not affect your applications.
Prerequisites
You have created a certificate by following the instructions in Creating a Certificate.
Binding a Certificate
You can bind certificates when you add an HTTPS listener. For details, see Adding a Listener.
Replacing a Certificate
- Log in to the management console.
- In the upper left corner of the page, click
and select the desired region and project. - Hover on
in the upper left corner to display Service List and choose Network > Elastic Load Balancing. - Locate the load balancer and click its name.
- Click Listeners.
- Shared load balancers: Locate the listener and click
on the right of its name. In the Modify Listener dialog box, select the certificate. - Dedicated load balancers: Locate the listener, click
on the right of its name, and click Modify Listener. In the Modify Listener dialog box, select the certificate.
- Shared load balancers: Locate the listener and click
- Select a server certificate and click Next.
- In the Configure Backend Server Group dialog box, click Finish.