convox ssl update <process>:<port> <certificate> --app <app> --wait will give:
ERROR: command not valid for generation 2 applications
We’ve updated our SSL certificate “manually” in AWS console by adding a new certificate to the ALB with the same domain name, which then has been correctly picked up by AWS and it is now effectively the cert that is being used in our app.
Which leaves us with these two questions however:
Having added the certificate manually, will this become an issue in a future app deploy and/or rack update?
How can we tell convox to detect the correct certificate, since
convox ssl --app <app>command still lists the “old” certificate?