How do I migrate my SSL certificate to the US East (N. Virginia) Region for use with my CloudFront distribution?

Last updated: 2021-11-24

I have an SSL certificate in AWS Certificate Manager (ACM) that I want to associate with my Amazon CloudFront distribution. However, I can't associate the certificate with the distribution because it's not in the US East (N. Virginia) (us-east-1) Region. Can I move the certificate to US East (N. Virginia)?

Resolution

You can't migrate an existing certificate in ACM from one AWS Region to another. Instead, you must import or create a certificate in the target Region.

To associate an ACM certificate with a CloudFront distribution, you must import or create the certificate in US East (N. Virginia). Additionally, the certificate must meet the CloudFront requirements.

Follow these steps to import or create an ACM certificate for use with a CloudFront distribution:

  1. Open the ACM console in the US East (N. Virginia) Region.
    Note: From the AWS Region selector in the navigation bar, confirm that N. Virginia is selected.
  2. Proceed with the steps to import a certificate using the console, or request a certificate using the console.
  3. After the certificate is imported or validated successfully, you can associate the certificate and alternate domain names (CNAMEs) with your CloudFront distribution.

Did this article help?


Do you need billing or technical support?