Deleting uploaded certificate from elastic load balancer

Question

I've been testing and experimenting a bit to find out how exactly to upload SSL Certificates to AWS's Elastic Load Balancer (figuring out issues with different key and certificate encodings).

Therefore I have quite a few test certificates on there that I've generated with either the wrong information, missing certificate chains or just bogus data.

As far as I can see there is no way to delete these certificates, or even update/replace the ones that are missing certain information. AWS's instructions to "updating a certificate" (http://docs.amazonwebservices.com/ElasticLoadBalancing/latest/DeveloperGuide/US_UpdatingLoadBalancerSSL.html) actually just shows you how to change the load balancer listener to use a different certificate that is either already on there or that you can then upload as well! (that's exactly how I ended up with so many certificates on there in the first place).

Could someone please tell me that I'm wrong and there is a way to delete them? :D (and preferably also how to do that)

Answer 1

You are right, deleting certificates is not possible. Although you can remove them from your ELB but you can't delete them and ELB can continue to use them, so the safest option here for you is to delete the ELB and make a new one. use the following command to delete the ELB associated with certificates:

 aws iam delete-server-certificate --server-certificate-name certificate_object_name