Read more
Change / Update SSL certificate for Amazon Elastic Load Balancer with AWS Command Line Interface
-
Install and configure the AWS Command Line Interface Show archive.org snapshot
-
Show existing certificates to test if the AWS Cli is working:
$ aws iam list-server-certificates { "ServerCertificateMetadataList": [ { "Path": "/", "Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-201307-201407", "ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX", "ServerCertificateName": "www.example.com-201210-201310", "UploadDate": "2012-10-10T11:25:35Z" } ] } -
Upload your certificate:
$ aws iam upload-server-certificate --server-certificate-name www.example.com-2013010-2014010 --certificate-body file://www.example.com.crt --private-key file://www.example.com.key --certificate-chain file://www.example.com.ca-bundle { "ServerCertificateMetadata": { "Path": "/", "Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010", "ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX", "ServerCertificateName": "www.example.com-2013010-2014010", "UploadDate": "2013-10-22T16:57:36.704Z" } }If you got the error message
A client error (MalformedCertificate) occurred: Invalid Private Key.please look at this card to see how to fix it. -
Get the name of your loadbalancer:
$aws elb describe-load-balancers | grep LoadBalancerName "LoadBalancerName": "example-com", -
Update certificate on your loadbalancer:
aws elb set-load-balancer-listener-ssl-certificate --load-balancer-name example-com --ssl-certificate-id arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010 --load-balancer-port 443
Posted by Kim Klotz to makandra Operations (2013-10-22 19:42)