Change / Update SSL certificate for Amazon Elastic Load Balancer with AWS Com...

Install and configure the AWS Command Line Interface Show archive.org snapshot

Show existing certificates to test if the AWS Cli is working:

$ aws iam list-server-certificates
{
  "ServerCertificateMetadataList": [
      {
          "Path": "/", 
          "Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-201307-201407", 
          "ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX", 
          "ServerCertificateName": "www.example.com-201210-201310", 
          "UploadDate": "2012-10-10T11:25:35Z"
      }
  ]
}

Upload your certificate:

$ aws iam upload-server-certificate --server-certificate-name www.example.com-2013010-2014010 --certificate-body file://www.example.com.crt --private-key file://www.example.com.key --certificate-chain file://www.example.com.ca-bundle 
{
    "ServerCertificateMetadata": {
        "Path": "/", 
        "Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010", 
        "ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX", 
        "ServerCertificateName": "www.example.com-2013010-2014010", 
        "UploadDate": "2013-10-22T16:57:36.704Z"
    }
}

If you got the error message A client error (MalformedCertificate) occurred: Invalid Private Key. please look at this card to see how to fix it.

Get the name of your loadbalancer:

$aws elb describe-load-balancers | grep LoadBalancerName
            "LoadBalancerName": "example-com",

Update certificate on your loadbalancer:

aws elb set-load-balancer-listener-ssl-certificate --load-balancer-name example-com --ssl-certificate-id arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010 --load-balancer-port 443

Kim Klotz

makandra.com

Say thanks1

Last edit

2017-03-21

Andreas Herz

Keywords

ops

License

Source code in this card is licensed under the MIT License.

Change / Update SSL certificate for Amazon Elastic Load Balancer with AWS Command Line Interface