Preface
Before you continue, ensure that you've created your certificate in the region us-east-1
(N. Virginia). Otherwise the certificate is not available for CloudFront.
The issue
At some point in time you may be confronted with the following issue:
- you've requested an SSL certificate via ACM
- the validation was successful
- you try to add the freshly issued ACM certificate to a CloudFront configuration via AWS console
- the certificate is not selectable from the dropdown in the distribution configuration
Fixing the issue
I don't know why this error occurs, but after wasting over 1 hour of time trying to get the certificate to show up in the CloudFront console, I've fixed it by pasting the certificate's ARN in the field. This worked just fine. You can find the ARN of the certificate in the ACM console.
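The ARN can also be looked up from the command line instead of the ACM console. The following is an added example, not part of the original card: the function names are hypothetical, and it assumes an installed and configured AWS CLI whose credentials may call `acm:ListCertificates`.

```shell
#!/bin/sh
# Added example: find the ARN of an issued ACM certificate that CloudFront can use.
# Assumption: AWS CLI is installed and configured; function names are hypothetical.

CF_ACM_REGION="us-east-1"   # CloudFront only accepts ACM certificates from this region

# Succeed only for an ACM certificate ARN located in us-east-1
# (standard "aws" partition, numeric account id, non-empty certificate id).
is_cloudfront_acm_arn() {
    case "$1" in
        arn:aws:acm:"$CF_ACM_REGION":[0-9]*:certificate/?*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the ARNs of all ISSUED certificates whose primary domain name is $1.
acm_arns_for_domain() {
    aws acm list-certificates \
        --region "$CF_ACM_REGION" \
        --certificate-statuses ISSUED \
        --query "CertificateSummaryList[?DomainName=='$1'].CertificateArn" \
        --output text
}

# Print every ARN that can be pasted into the distribution's certificate field.
# Returns non-zero (with a message on stderr) if no usable certificate exists,
# e.g. because it was requested in another region or is still pending validation.
cloudfront_cert_arn() {
    found=1
    for arn in $(acm_arns_for_domain "$1"); do
        if is_cloudfront_acm_arn "$arn"; then
            printf '%s\n' "$arn"
            found=0
        fi
    done
    [ "$found" -eq 0 ] || echo "no ISSUED ACM certificate for $1 in $CF_ACM_REGION" >&2
    return "$found"
}
```

After sourcing the file, `cloudfront_cert_arn www.example.com` prints the ARN to paste. A non-zero exit means the certificate is either not issued yet or was requested outside us-east-1.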