====== Amazon Cloud How to ======
These are the commands i have used during my course of action.

==== Sending Regular SSL / Key / Bundle to ELB ====
Forget what they say and print on form.\\

Format require - \\
  * Key - RSA
  * CRT - x509
  * CA Bundle - What ever supplied.

Usually that's the standard form of information you have used on Apache so just use it.\\

NOTE : 
 - In case your key through an error try using following command

<code bash>
openssl rsa -in www.k2patel.in.key -text
</code>

Now look at the end you will see RSA Cert with standard Enclosure "----- <TYPE> -----"

Now if you have PKCS12 Exported Certs then please follow instruction below to get key / certs.

<code bash | Extracting Keys >
openssl pkcs12 -nocerts -in export_test.p12 -out www.k2patel.in.key
</code>

<code bash | Extracting Certificate >
openssl pkcs12 -clcerts -nokeys -in export_test.p12 -out www.k2patel.in.crt
</code>

For further Help see "openssl pkcs12 --help"

Now you need to convert key to RSA.

<code bash | converting previously generated key to RSA>
openssl rsa -in www.k2patel.in.key -out www.k2patel.in.RSA.key
</code>

At this point you are almost done, you just need to upload it to LB.\\
Considering you already have existing LB.

<code bash | Upload Certificate to Amazon>
iam-servercertupload -b www.k2patel.in.crt -c gd_bundle.crt -k www.k2patel.in.com.rsa.key -d -s www.k2patel.in
</code>

You can list all your certificate on amazon.

<code bash | List All your certificate>
iam-servercertlistbypath
</code>

Now Assign certificate to ELB.

**NOTE : \\
You can change your certificate assignment live.\\
Simply add new certificate and do next step replace existing assignment.**



<code bash | assign certificate to port>
elb-set-lb-listener-ssl-cert test-lb --lb-port 9031 --cert-id 'arn:aws:iam::123456789101:server-certificate/www.k2patel.in'
</code>

You are good to GOLDEN


==== Playing with Amazon ELB ====

=== Create LB using ELB API ===
<code bash | Create lb>
elb-create-lb elb-test1 --availability-zones us-east-1b --listener "protocol=http, lb-port=80, instance-port=9130" --listener "protocol=https, lb-port=443, instance-port=9130,cert-id=arn:aws:iam::123456789101:server-certificate/www.k2patel.in"
</code>

<code bash | Register Instance>
elb-register-instances-with-lb elb-test1 --instances i-12345678
</code>

<code bash | Register Listeners on ELB >
elb-create-lb-listeners v3-test --listener "lb-port=9145,instance-port=9145,protocol=https,instance-protocol=https,cert-id=arn:aws:iam::123456789101:server-certificate/www.k2patel.in" 
</code>