Hi @Yini Wang
Thanks for the question.
You can just run the same Create/Update Cert command as if you're reimporting the same cert. However, the bindings won't automatically be updated; you'll have to update bindings themselves as well. If you decide to manually sync the cert (regardless of client), the background job will skip updating the bindings and client certs info since the cert already has the latest version from KV, so it's important for you to make sure they update the bindings.
hope that helps.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.