I'm not sure if this is the correct forum to be posting this on Stack Exchange. If not, I apologize in advance and hope someone can point me in the right direction of where to post.
I have an AWS Load Balancer with multiple EC2 instances all handling my web traffic. I'm wanting to add iOS Push Notification support. I currently use Fastlane to handle deployment and some other tasks. Fastlane has a feature called pem that will handle generating new push notification certs. I'm guessing I can just do this on deployment.
But my question is how can I get that certificate from my CI server (CircleCI, in this case) to all of my EC2 instances?
I'm assuming once I create a new cert also through Fastlane it will deactivate the old ones. How can I minimize downtime and make this process seamless?
I've considered uploading the cert from my CI server to an S3 bucket, then setting all my EC2 instances to download every day or so to get the latest cert. But I feel like there might have to be a better way that can make it more seamless. And it creates the problem of downtime: if I generate a new cert, it has a maximum time of a day to re-download that new cert.