Last active
January 20, 2016 06:16
-
-
Save stroupaloop/37cb7569b1683b9a055f to your computer and use it in GitHub Desktop.
AWS SSL setup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# from the directory where the key/certs are located | |
aws iam upload-server-certificate \ | |
--server-certificate-name a-new-cert-name \ | |
--certificate-body file://your-site.crt \ | |
--private-key file://your-site.key \ | |
--certificate-chain file://your-site-intermediates.crt \ | |
--path /cloudfront/your-path/ | |
# where a-new-cert-name is an arbitrary name you give your cert for AWS | |
# your-site-intermediates.crt is your [certname].chain.crt (may need to include [certname].chained.crt) | |
# your-path is an arbitrary name you give (best if it's the same as the server-certificate-name) | |
# you'll need to go to your CloudFront distribution settings and select teh SSL cert you just created | |
# additionally, go to Behaviors tab and select 'Redirect HTTP to HTTPS' | |
# set the Origins Protocol Behavior to HTTP only |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# you don't need multiple EC2 instances to create and run an ELB | |
# when adding in the key/certs, use the following commands to create pem values and then highlight and drag into the boxes | |
openssl rsa -in yourdomain.key -outform PEM | |
openssl x509 -inform PEM -in yourdomain.crt (OR bundle.crt) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ ~/.aws/config | |
vi config | |
# create a new profile by adding the following lines | |
# remember within vi >> i edits and :wq saves and exits | |
[profile <name>] | |
aws_access_key_id: [AWS ACCESS KEY] | |
aws_secret_access_key: [AWS SECRET ACCESS KEY] | |
output = test | |
region = us-east-1 | |
# to use that specified profile add the following arguments | |
$ aws cli <command> --profile [<name>] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment