Menu
I am going to create a new distribution at CloudFront. Already I have uploaded my SSL certificate at AWS IAM using AWS CLI. That certificate appears in the Custom SSL Certificate dropdown on new distribution page but it is DISABLED.
Can someone tell me why is it so ? How to select my custom SSL certificate for this distribution ?
713
It's a best practice that you upload SSL certificates to AWS Certificate Manager (ACM). If you're using certificate algorithms and key sizes that aren't currently supported by ACM or the associated AWS resources, then you can also upload an SSL certificate to IAM using the AWS Command Line Interface (AWS CLI).
The PEM-encoded certificate is stored in a file named Certificate. pem . The PEM-encoded certificate chain is stored in a file named CertificateChain. pem .
To replace the SSL certificate for an HTTPS load balancerOpen the Amazon EC2 console at https://console.aws.amazon.com/ec2/ . On the navigation pane, under LOAD BALANCING, choose Load Balancers. Select your load balancer. On the Listeners tab, for SSL Certificate, choose Change.
It took a whole day to AWS to propagate the new certificate to all of its nodes. Next day when I logged in to my AWS console, the certificate appeared in the dropdown and was enabled as well and I could configure distribution successfully.
Also, be sure to select us-east-1 (N. Virginia) when you make the certificate request; it's the only region that supports it at this time (even if your bucket / asset is in another region)
78
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
