Switch from a custom SSL/TLS certificate with dedicated IP addresses to SNI
If you configured CloudFront to use a custom SSL/TLS certificate with dedicated IP addresses, you can switch to using a custom SSL/TLS certificate with SNI instead and eliminate the charge that is associated with dedicated IP addresses. The following procedure shows you how.
Important
This update to your CloudFront configuration has no effect on viewers that support SNI. Viewers can access your content before and after the change, as well as while the change is propagating to CloudFront edge locations. Viewers that don't support SNI cannot access your content after the change. For more information, see Choose how CloudFront serves HTTPS requests.
Switch from custom certificate to SNI
The following procedure shows you how to switch from a custom SSL/TLS certificate with dedicated IP addresses to SNI.
To switch from a custom SSL/TLS certificate with dedicated IP addresses to SNI
Sign in to the AWS Management Console and open the CloudFront console at https://console.aws.amazon.com/cloudfront/v4/home
. -
Choose the ID of the distribution that you want to view or update.
-
Choose Distribution Settings.
-
On the General tab, choose Edit.
-
Change the setting of Custom SSL certificate to Only Clients that Support Server Name Indication (SNI).
-
Choose Yes, Edit.