40 cards
View
Posted over 5 years ago. Visible to the public.

Change / Update SSL certificate for Amazon Elastic Load Balancer with AWS Command Line Interface

  1. Install and configure the AWS Command Line Interface
  2. Show existing certificates to test if the AWS Cli is working:

    Copy
    $ aws iam list-server-certificates { "ServerCertificateMetadataList": [ { "Path": "/", "Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-201307-201407", "ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX", "ServerCertificateName": "www.example.com-201210-201310", "UploadDate": "2012-10-10T11:25:35Z" } ] }
  3. Upload your certificate:

    Copy
    $ aws iam upload-server-certificate --server-certificate-name www.example.com-2013010-2014010 --certificate-body file://www.example.com.crt --private-key file://www.example.com.key --certificate-chain file://www.example.com.ca-bundle { "ServerCertificateMetadata": { "Path": "/", "Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010", "ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX", "ServerCertificateName": "www.example.com-2013010-2014010", "UploadDate": "2013-10-22T16:57:36.704Z" } }

    If you got the error message A client error (MalformedCertificate) occurred: Invalid Private Key. please look at this card to see how to fix it.

  4. Get the name of your loadbalancer:

    Copy
    $aws elb describe-load-balancers | grep LoadBalancerName "LoadBalancerName": "example-com",
  5. Update certificate on your loadbalancer:

    Copy
    aws elb set-load-balancer-listener-ssl-certificate --load-balancer-name example-com --ssl-certificate-id arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010 --load-balancer-port 443

Owner of this card:

Avatar
Kim Jahn
Last edit:
over 2 years ago
by Andreas Herz
Keywords:
ops
This website uses cookies to improve usability and analyze traffic.
Accept or learn more