Custom SSL certificate expiration information

This article provides a solution for when a custom SSL certificate was updated with an Adobe provided SSL certificate.

Affected products and versions

Adobe Commerce on cloud infrastructure, all supported versions

Issue

Adobe Commerce automatically updates SSL certificates 30 days prior to expiration. This automation does not check if the certificate being replaced is an internal SSL or a custom third-party SSL and will replace it with a valid internal SSL upon detection of expiration. This can cause confusion for site owners and operators that expect to have the custom certificate on the site, as well as the potential for other functionality issues including, but not limited to, a site outage.

Steps to reproduce

  1. Custom SSL certificate installed for the website.
  2. Automation detects the custom SSL certificate is 30 days away from expiring.
  3. Adobe Commerce automatically replaces the custom certificate with our internal certificate.

Expected results

Adobe Commerce skips custom certificates when running its automated SSL certificate update.

Actual results

Adobe Commerce updates any certificate when it is 30 days from expiration.

Solution

When a merchant elects to use their own custom SSL certificate, it must be updated more than 30 days prior to the certificate expiration to ensure it will not be replaced by an internal Adobe Commerce SSL certificate.

If you are in a situation where your custom SSL was replaced by our internal SSL and you want to replace it with your updated custom SSL certificate, please submit a support request with the location you uploaded your new certificate files. Please include the start date of the new SSL. Once we have this information, we can move forward with installing the new SSL certificate.

recommendation-more-help
8bd06ef0-b3d5-4137-b74e-d7b00485808a