Aws-cdk: interface required when enabling SSL in NLB listener does not exist

When enabling SSL in NLB listener interface INetworkListenerCertificateProps is required:

add_listener(id, *, port, certificates=None, default_target_groups=None, protocol=None, ssl_policy=None)
    Add a listener to this load balancer.
    Parameters
            id (str) –
            props –
            port (Union[int, float]) – The port on which the listener listens for requests.
            certificates (Optional[List[INetworkListenerCertificateProps]]) – Certificate list of ACM cert ARNs. Default: - No certificates.
            default_target_groups (Optional[List[INetworkTargetGroup]]) – Default target groups to load balance to. Default: - None.
            protocol (Optional[Protocol]) – Protocol for listener, expects TCP or TLS. Default: - TLS if certificates are provided. TCP otherwise.
            ssl_policy (Optional[SslPolicy]) – SSL Policy. Default: - Current predefined security policy.

However there is nothing that creates that interface.

Reproduction Steps

        listener = some_nlb.add_listener(
            'SslListener',
            port=443,
            certificates=[certmanager_ssl],
            default_target_groups=[target_group],
            protocol = elbv2.Protocol.TLS,
        )

Error Log

Error: Resolution error: Resolution error: Trying to resolve() a Construct at ../Properties/certificates/0/node

Environment

• *CLI Version : aws-cli/1.16.100 Python/3.7.2 Darwin/18.5.0 botocore/1.12.90 *
• Framework Version: 1.18
• OS : mac
• *Language : Python *

Other

This is :bug: Bug Report