Moving from one EC2 host to another


#1

My domain is: 7cubed.ca

I ran this command: n/a

It produced this output: n/a

My web server is (include version): Apache/2.2.34 (Unix)

The operating system my web server runs on is (include version): Amazon Linux AMI release 2017.09

My hosting provider, if applicable, is: n/a

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

I’m new to AWS, and am in the process of moving my domains/webhosting to an EC2 server. I realized that I screwed up my first instance, so I’m starting a fresh one. I had created a certificate with the old host, using Certbot, which naturally has a different IP. Do I need to cancel the existing cert, and get a new one?


#2

If you have already canceled the certificate/server, you can definitely another one.

You can get a new cert if you didn’t hit the rate limit.

Thank you


#3

Thanks Steven :slight_smile: I haven’t actually cancelled the old one yet; wanted to check first. I doubt I’ve hit any limits yet, only registered one cert so far.


#4

You don’t need to delete or revoke the original - there’s no problem having multiple identical or overlapping certificates active at the same time, as long as you don’t hit rate limits for generating them. In fact, this is a somewhat common scenario for load-balanced servers. Deletion/revocation has no effect on the rate limits anyway.


#5

You can keep the old certificate and install it onto the new host. You can keep the entire /etc/letsencrypt directory, which will have the certificates and account information. The cert is tied to your Domain Name, not the IP Address.

You can also trash the directory and start from scratch. 1 cert is well within the weekly rate limits. Revocation/Deletion/Cancellation of a cert is only something you need to do if the private key is compromised – in those situations, someone can potentially run a service faking your domain name and SSL.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.