If you have Elastic Load Balancers currently using an SSL certificate that was generated via OpenSSL version 1.1.0a-f, you need to follow these streps to revoke the current certificate on your load balancer and upload a new one.
First, update OpenSSL on the machine you are going to use to generate your private key and sign your certificate. I have written another post on how to do that here: http://blog.matthewdfuller.com/2014/04/how-to-fix-openssl-heart-bleed-bug-on.html
Once you have regenerated your keys and resigned your certificate, you can upload them to your load balancers.
Within the AWS console, click "EC2" in the Services menu.
Now, click on "Load Balancers" on the left-hand side and select your load balancer instance.
Hit save and your load balancer will push the changes.
If you want to do this via the command line or API, check out the official AWS documentation: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/US_UpdatingLoadBalancerSSL.html