ACM certificate not showing up in CloudFront
Preface
Before you continue, ensure that you've created your certificate in the region us-east-1
(N. Virginia). Otherwise the certificate is not available for CloudFront.
The issue
At some point in time you may be confronted with the following issue:
- you've requested an SSL certificate via ACM
- the validation was successful
- you try to add the freshly issued ACM certificate to a CloudFront configuration via AWS console
- the certificate is not selectable from the dropdown in the distribution configuration
Fixing the issue
I don't know why this error occurs, but after wasting over 1 hour of time trying to get the certificate to show up in the CloudFront console I've fixed it by pasting the certificates ARN
in the field. This worked just fine. You can find the ARN
of the certificate in the ACM
console.
Related cards:
FAQ for When PostgreSQL Indexes Are Corrupted After Locale Changes
When changing glibc versions, it's possible to end up with corrupt indexes in PostgreSQL.
Are My Indexes Affected?
If your database has...
Change / Update SSL certificate for Amazon Elastic Load Balancer with AWS Command Line Interface
-
Install and configure the AWS Command Line Interface
-
Show existing certificates to test if the AWS Cli is working:
$ aws iam list-server-certificates { "ServerCertificateMetadataList": [...
Mind your locales with glibc upgrades when using PostgreSQL
When changing the glibc version, it's possible that the upgrade also includes changes to how locales work.
This is especially relevant when using [PostgreSQL databases (of any version)](https://wiki.postgresql.org/wiki/Locale_data_changes#What_in...
Elasticsearch unassigned replica shards on single node instances
If you have a single node elasticsearch instance and indices with replicas enabled your cluster state will be yellow. If you have replica shards they should be moved to a different node for high availability purposes. With a single node this can't...
Intel Microcode Versions and Updates
Intel CPUs receive updates, including security relevant upgrades, through 2 channels:
- Firmware/UEFI BIOS updates can also update the microcode in CPUs. This is the preferred and persistent way
- the
intel-microcode
package can patch the micro...
HowTo: enable termination protection for all EC2 instances not in autoscaling groups via aws cli
aws ec2 describe-instances --output text --query 'Reservations[].Instances[?!not_null(Tags[?Key == `aws:autoscaling:groupName`].Value)] | [].[InstanceId]' | xargs -L1 -t aws ec2 modify-instance-attribute --disable-api-termination --instance-id...
Fix "A client error (MalformedCertificate) occurred: Invalid Private Key." at AWS SSL Certificate upload
I'm creating certificate requests with this command:
openssl req -new -out www.example.com.csr -keyout www.example.com.key -newkey rsa:2048 -nodes
When I try to upload the certificate to AWS IAM I get this error:
$ aws iam upload-se...
Keepalived VRRP FAQ
How can I configure virtual IP's?
There are two parameter to set up virtual ips in Keepalived:
virtual_ipaddress
Addresses defined here are included into the VRRP Packages and are therefore limited in number, especially with IPv6.
Add...
Correct sequence of ssl cert and intermediate certificates
In case you're wondering, when concat-ing server certificate and intermediate certificates, the server certificate comes first.
RFC 4346:
certificate_list
This is a sequence (chain) of X.509v3 certificates. The sender's
cert...
Installing throttled to fix Lenovo laptops with nvidia graphics running Ubuntu losing performance after a while
We have observed Lenovo laptops with nvidia graphics losing performance after they have been in use for a few minutes. While we have not been able to pinpoint exactly what triggered the performance loss, we have found it mostly correlated with hig...