Binding or Replacing a Certificate
Scenarios
Certificates are used by clients and servers to authenticate each other and are widely used in service scenarios that require higher data security. You can replace a certificate if it expires or needs updating. If the certificate is not properly configured, services may be disrupted.
You can follow this section to bind a certificate to a listener and replace a certificate. If a certificate is also used by other services such as WAF, replace the certificate on all these services to prevent service unavailability.
Replacing a certificate and private keys does not affect your applications.
Constraints
- Certificates can be bound to HTTPS listeners.
- If a certificate is expired, you need to manually replace or delete it.
- The new certificate takes effect immediately. The old certificate is used for established connections, and the new one is used for new connections.
Prerequisites
You have added a certificate by following the instructions in Adding a Certificate.
Binding a Certificate
You can bind a certificate when adding an HTTPS listener. For details, see:
Setting a New Certificate When Editing a Listener
- Go to the load balancer list page.
- On the displayed page, locate the load balancer whose listener certificate needs to be replaced and click its name.
- Click the Listeners tab, locate the listener, and click Edit in Operation column.
- On the displayed dialog box, select a server certificate or CA certificate.
- Click OK in the Edit dialog box.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.