ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Professional All Questions

View all questions & answers for the AWS Certified Solutions Architect - Professional exam
Go to Exam

Exam AWS Certified Solutions Architect - Professional topic 1 question 261 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Professional
Question #: 261
Topic #: 1
[All AWS Certified Solutions Architect - Professional Questions]

You're trying to delete an SSL certificate from the IAM certificate store, and you're getting the message "Certificate: <certificate-id> is being used by CloudFront."
Which of the following statements is probably the reason why you are getting this error?

  • A. Before you can delete an SSL certificate you need to set up https on your server.
  • B. Before you can delete an SSL certificate, you need to set up the appropriate access level in IAM
  • C. Before you can delete an SSL certificate, you need to either rotate SSL certificates or revert from using a custom SSL certificate to using the default CloudFront certificate.
  • D. You can't delete SSL certificates. You need to request it from AWS.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
CloudFront is a web service that speeds up distribution of your static and dynamic web content, for example, .html, .css,.php, and image files, to end users. Every
CloudFront web distribution must be associated either with the default CloudFront certificate or with a custom SSL certificate. Before you can delete an SSL certificate, you need to either rotate SSL certificates (replace the current custom SSL certificate with another custom SSL certificate) or revert from using a custom
SSL certificate to using the default CloudFront certificate.
Reference:
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Troubleshooting.html
by Aline_H at July 16, 2021, 12:19 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SkyZeroZx
2 years ago
Selected Answer: C
C. Before you can delete an SSL certificate, you need to either rotate SSL certificates or revert from using a custom SSL certificate to using the default CloudFront certificate. Explanation: The reason why you are getting the error message "Certificate: <certificate-id> is being used by CloudFront" is that the SSL certificate you are trying to delete is currently being used by a CloudFront distribution. In order to delete the certificate, you need to first either rotate the SSL certificates (replace the current certificate with a new one) or revert from using a custom SSL certificate to using the default CloudFront certificate. Option A (setting up HTTPS on your server) and Option B (setting up appropriate access level in IAM) are not directly related to the error message and would not be the reason for the error. Option D (requesting the deletion of SSL certificates from AWS) is not accurate, as AWS allows users to manage and delete their own SSL certificates.
upvoted 2 times
...
Aline_H
3 years, 9 months ago
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https-rotate-certificates.html
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel