0
我一直在使用Cloudfront来终止多个网站的SSL,但似乎无法通过某种原因来识别我新上传的SSL证书。CloudFront SSL证书上传后未在用户界面中显示
这是我到目前为止已经完成:
购买有效的SSL证书,并通过AWS CLI工具上传它,如下所示:
$ aws iam upload-server-certificate \
--server-certificate-name www.codehappy.io \
--certificate-body file://www.codehappy.io.crt \
--private-key file://www.codehappy.io.key \
--certificate-chain file://www.codehappy.io.chain.crt \
--path /cloudfrount/codehappy-www/
对于我得到以下输出:
{
"ServerCertificateMetadata": {
"ServerCertificateId": "ASCAIKR2OSE6GX43URB3E",
"ServerCertificateName": "www.codehappy.io",
"Expiration": "2016-10-19T23:59:59Z",
"Path": "/cloudfrount/codehappy-www/",
"Arn": "arn:aws:iam::001177337028:server-certificate/cloudfrount/codehappy-www/www.codehappy.io",
"UploadDate": "2015-10-20T20:02:36.983Z"
}
}
注意:我第一次跑aws configure
并提供我的IAM用户的证书(这工作就好了)。
接下来,我跑了以下命令来查看我的所有现有的SSL证书对IAM列表:
$ aws iam list-server-certificates
{
"ServerCertificateMetadataList": [
{
"ServerCertificateId": "ASCAIIMOAKWFL63EKHK4I",
"ServerCertificateName": "www.ipify.org",
"Expiration": "2016-05-25T23:59:59Z",
"Path": "/cloudfront/ipify-www/",
"Arn": "arn:aws:iam::001177337028:server-certificate/cloudfront/ipify-www/www.ipify.org",
"UploadDate": "2015-05-26T04:30:15Z"
},
{
"ServerCertificateId": "ASCAJB4VOWIYAWN5UEQAM",
"ServerCertificateName": "www.rdegges.com",
"Expiration": "2016-05-28T23:59:59Z",
"Path": "/cloudfront/rdegges-www/",
"Arn": "arn:aws:iam::001177337028:server-certificate/cloudfront/rdegges-www/www.rdegges.com",
"UploadDate": "2015-05-29T00:11:23Z"
},
{
"ServerCertificateId": "ASCAJCH7BQZU5SZZ52YEG",
"ServerCertificateName": "www.codehappy.io",
"Expiration": "2016-10-19T23:59:59Z",
"Path": "/cloudfrount/codehappy-www/",
"Arn": "arn:aws:iam::001177337028:server-certificate/cloudfrount/codehappy-www/www.codehappy.io",
"UploadDate": "2015-10-20T20:09:22Z"
}
]
}
注意:正如你所看到的,我能看到所有我三SSL证书,包括我新创建的证书。
接下来,我登录到IAM UI来验证我的IAM用户帐户具有管理员权限:
正如你可以看到我的用户是“管理员”组,它具有无限的一部分管理员访问AWS。
最后,我登录到Cloudfront UI并尝试选择我的新SSL证书。不幸的是,这是哪里的东西似乎不起作用= /只有我的另外两个SSL证书中列出:
有谁知道我需要做的,所以我可以用用的Cloudfront我的新的SSL证书?
非常感谢!
很好的捕获。那肯定会做到这一点。 –
哇。我花了很长时间在此。事实证明,错别字让我再次得到了。叹。即使在编程这些年后:( – rdegges