diff --git a/lemur/plugins/lemur_aws/plugin.py b/lemur/plugins/lemur_aws/plugin.py index a03e92a8..46c65c4f 100644 --- a/lemur/plugins/lemur_aws/plugin.py +++ b/lemur/plugins/lemur_aws/plugin.py @@ -112,8 +112,6 @@ def get_elb_endpoints(account_number, region, elb_dict): listener["Listener"]["SSLCertificateId"] ), ) - endpoint["certificate"] = get_elb_certificate_by_name(certificate_name=endpoint["certificate_name"], - account_number=account_number) if listener["PolicyNames"]: policy = elb.describe_load_balancer_policies( @@ -131,28 +129,6 @@ def get_elb_endpoints(account_number, region, elb_dict): return endpoints -def get_elb_certificate_by_name(certificate_name, account_number): - # certificate name may contain path, in which case we remove it - if "/" in certificate_name: - certificate_name = certificate_name.split('/')[1] - try: - cert = iam.get_certificate(certificate_name, account_number=account_number) - return dict( - body=cert["CertificateBody"], - chain=cert.get("CertificateChain"), - name=cert["ServerCertificateMetadata"]["ServerCertificateName"], - ) - except ClientError: - current_app.logger.warning( - "get_elb_certificate_failed: Unable to get certificate for {0}".format(certificate_name)) - sentry.captureException() - metrics.send( - "get_elb_certificate_failed", "counter", 1, - metric_tags={"certificate_name": certificate_name, "account_number": account_number} - ) - return None - - def get_elb_endpoints_v2(account_number, region, elb_dict): """ Retrieves endpoint information from elbv2 response data. @@ -179,8 +155,6 @@ def get_elb_endpoints_v2(account_number, region, elb_dict): port=listener["Port"], certificate_name=iam.get_name_from_arn(certificate["CertificateArn"]), ) - endpoint["certificate"] = get_elb_certificate_by_name(certificate_name=endpoint["certificate_name"], - account_number=account_number) if listener["SslPolicy"]: policy = elb.describe_ssl_policies_v2( 
@@ -299,6 +273,28 @@ class AWSSourcePlugin(SourcePlugin): account_number = self.get_option("accountNumber", options) iam.delete_cert(certificate.name, account_number=account_number) + def get_certificate_by_name(self, certificate_name, options): + account_number = self.get_option("accountNumber", options) + # certificate name may contain path, in which case we remove it + if "/" in certificate_name: + certificate_name = certificate_name.split('/')[1] + try: + cert = iam.get_certificate(certificate_name, account_number=account_number) + return dict( + body=cert["CertificateBody"], + chain=cert.get("CertificateChain"), + name=cert["ServerCertificateMetadata"]["ServerCertificateName"], + ) + except ClientError: + current_app.logger.warning( + "get_elb_certificate_failed: Unable to get certificate for {0}".format(certificate_name)) + sentry.captureException() + metrics.send( + "get_elb_certificate_failed", "counter", 1, + metric_tags={"certificate_name": certificate_name, "account_number": account_number} + ) + return None + class AWSDestinationPlugin(DestinationPlugin): title = "AWS" diff --git a/lemur/sources/service.py b/lemur/sources/service.py index 23f2af72..498adfeb 100644 --- a/lemur/sources/service.py +++ b/lemur/sources/service.py @@ -15,7 +15,7 @@ from lemur.sources.models import Source from lemur.certificates.models import Certificate from lemur.certificates import service as certificate_service from lemur.endpoints import service as endpoint_service -from lemur.extensions import metrics +from lemur.extensions import metrics, sentry from lemur.destinations import service as destination_service from lemur.certificates.schemas import CertificateUploadInputSchema 
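Review bot: The path-stripping line `certificate_name = certificate_name.split('/')[1]` in the new get_certificate_by_name keeps the second slash-separated component rather than the last one, so a name under a multi-segment IAM path (e.g. `cloudfront/prod/my-cert`, should `iam.get_name_from_arn` hand one through) would look up `prod` and return None; `certificate_name = certificate_name.rsplit('/', 1)[-1]` behaves identically for the single-segment case and is correct for the rest. Separately, the bare `except ClientError` treats AccessDenied the same as NoSuchEntity — both return None, and the caller in sources/service.py then appears to log "Certificate Not Found", which masks a permissions or role misconfiguration; using `except ClientError as e:` and inspecting `e.response["Error"]["Code"]` so that anything other than NoSuchEntity is logged at error level (or re-raised) would keep that distinction. The method also has no docstring while the module's other functions do; a one-liner such as `"""Fetch IAM server certificate *certificate_name* from the account in *options*; returns a dict of body/chain/name, or None if the lookup fails."""` would suffice. The enclosing AWSSourcePlugin class starts before this hunk.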
@@ -92,7 +92,18 @@ def sync_endpoints(source): # if get cert by name failed, we attempt a search via serial number and hash comparison # and link the endpoint certificate to Lemur certificate if not endpoint["certificate"]: - certificate_attached_to_endpoint = endpoint.pop("certificate") + certificate_attached_to_endpoint = None + try: + certificate_attached_to_endpoint = s.get_certificate_by_name(certificate_name, source.options) + except NotImplementedError: + current_app.logger.warning( + "Unable to describe server certificate for endpoints in source {0}:" + " plugin has not implemented 'get_certificate_by_name'".format( + source.label + ) + ) + sentry.captureException() + if certificate_attached_to_endpoint: lemur_matching_cert, updated_by_hash_tmp = find_cert(certificate_attached_to_endpoint) updated_by_hash += updated_by_hash_tmp @@ -111,7 +122,6 @@ def sync_endpoints(source): metric_tags={"cert": certificate_name, "endpoint": endpoint["name"], "acct": s.get_option("accountNumber", source.options)}) - # this indicates the we were not able to describe the endpoint cert if not endpoint["certificate"]: current_app.logger.error( "Certificate Not Found. Name: {0} Endpoint: {1}".format(
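Review bot: The new `except NotImplementedError` branch calls `current_app.logger.warning(...)` and `sentry.captureException()` each time it runs, and because it sits inside what appears to be the per-endpoint loop of sync_endpoints (it keys off `endpoint` and `certificate_name`), a source whose plugin simply does not implement the optional get_certificate_by_name will emit one warning and one Sentry event per unmatched endpoint on every sync. Dropping the `sentry.captureException()` line in this branch, or detecting the missing implementation once before the loop and skipping the call, would keep an expected "not implemented" condition out of the error tracker. The same handler also swallows a NotImplementedError raised from inside a plugin that does implement the method and reports it with the misleading "plugin has not implemented" message, so it is worth confirming that the SourcePlugin default (not visible here) is the only expected source of that exception. Any other exception from `s.get_certificate_by_name(...)` propagates and aborts the whole sync run — the AWS plugin catches ClientError internally, but nothing here requires other plugins to. sync_endpoints starts and ends outside this hunk.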