Delete SSL/TLS certificates for your Lightsail distribution - Amazon Lightsail

Delete SSL/TLS certificates for your Lightsail distribution

You can delete Amazon Lightsail SSL/TLS certificates that you're no longer using on your distributions. For example, your certificate might be expired and you've already attached an updated certificate that's validated. For more information about certificates, see SSL/TLS certificates. For more information about distributions, see Content delivery network distributions.

Deleting an SSL/TLS certificate is final and can't be undone. You have a quota of certificates you can create over a 365-day period. For more information, see Lightsail service quotas in the AWS General Reference.

Delete an SSL/TLS certificate for your distribution

Complete the following procedure to delete an SSL/TLS certificate for your distribution.

  1. Sign in to the Lightsail console.

  2. On the Lightsail home page, choose the Networking tab.

  3. Choose the name of the distribution from which you want to delete the SSL/TLS certificate. If the certificate is not currently in use, then you can choose any distribution because all of your certificates are listed in every distribution.

  4. Choose the Custom domains tab on your distribution's management page.

  5. In the Certificates section of the page, choose the ellipsis icon (⋮) for the certificate that you want to delete, and choose Delete.

    The Delete option is unavailable if the certificate you want to delete is in use. To delete certificates that are in use, you need to first change the custom domains of the distribution that is using the certificate, or disable custom domains on the distribution that is using the certificate. For more information, see Change custom domains for your distribution and Enable custom domains for your distribution.

  6. Choose Yes, delete to confirm the deletion.