aws_how_to
Differences
This shows you the differences between two versions of the page.
|
aws_how_to [2011/10/26 18:25] k2patel [Playing with Amazon ELB] |
aws_how_to [2020/08/10 02:35] |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== Amazon Cloud How to ====== | ||
| - | These are the commands i have used during my course of action. | ||
| - | |||
| - | ==== Sending Regular SSL / Key / Bundle to ELB ==== | ||
| - | Forget what they say and print on form.\\ | ||
| - | |||
| - | Format require - \\ | ||
| - | * Key - RSA | ||
| - | * CRT - x509 | ||
| - | * CA Bundle - What ever supplied. | ||
| - | |||
| - | Usually that's the standard form of information you have used on Apache so just use it.\\ | ||
| - | |||
| - | NOTE : | ||
| - | - In case your key through an error try using following command | ||
| - | |||
| - | <code bash> | ||
| - | openssl rsa -in www.k2patel.in.key -text | ||
| - | </code> | ||
| - | |||
| - | Now look at the end you will see RSA Cert with standard Enclosure "----- <TYPE> -----" | ||
| - | |||
| - | Now if you have PKCS12 Exported Certs then please follow instruction below to get key / certs. | ||
| - | |||
| - | <code bash | Extracting Keys > | ||
| - | openssl pkcs12 -nocerts -in export_test.p12 -out www.k2patel.in.key | ||
| - | </code> | ||
| - | |||
| - | <code bash | Extracting Certificate > | ||
| - | openssl pkcs12 -clcerts -nokeys -in export_test.p12 -out www.k2patel.in.crt | ||
| - | </code> | ||
| - | |||
| - | For further Help see "openssl pkcs12 --help" | ||
| - | |||
| - | Now you need to convert key to RSA. | ||
| - | |||
| - | <code bash | converting previously generated key to RSA> | ||
| - | openssl rsa -in www.k2patel.in.key -out www.k2patel.in.RSA.key | ||
| - | </code> | ||
| - | |||
| - | At this point you are almost done, you just need to upload it to LB.\\ | ||
| - | Considering you already have existing LB. | ||
| - | |||
| - | <code bash | Upload Certificate to Amazon> | ||
| - | iam-servercertupload -b www.k2patel.in.crt -c gd_bundle.crt -k www.k2patel.in.com.rsa.key -d -s www.k2patel.in | ||
| - | </code> | ||
| - | |||
| - | You can list all your certificate on amazon. | ||
| - | |||
| - | <code bash | List All your certificate> | ||
| - | iam-servercertlistbypath | ||
| - | </code> | ||
| - | |||
| - | Now Assign certificate to ELB. | ||
| - | |||
| - | **NOTE : \\ | ||
| - | You can change your certificate assignment live.\\ | ||
| - | Simply add new certificate and do next step replace existing assignment.** | ||
| - | |||
| - | |||
| - | |||
| - | <code bash | assign certificate to port> | ||
| - | elb-set-lb-listener-ssl-cert test-lb --lb-port 9031 --cert-id 'arn:aws:iam::123456789101:server-certificate/www.k2patel.in' | ||
| - | </code> | ||
| - | |||
| - | You are good to GOLDEN | ||
| - | |||
| - | |||
| - | ==== Playing with Amazon ELB ==== | ||
| - | |||
| - | === Create LB using ELB API === | ||
| - | <code bash | Create lb> | ||
| - | elb-create-lb elb-test1 --availability-zones us-east-1b --listener "protocol=http, lb-port=80, instance-port=9130" --listener "protocol=https, lb-port=443, instance-port=9130,cert-id=arn:aws:iam::123456789101:server-certificate/www.k2patel.in" | ||
| - | </code> | ||
| - | |||
| - | <code bash | Register Instance> | ||
| - | elb-register-instances-with-lb elb-test1 --instances i-12345678 | ||
| - | </code> | ||
| - | |||
| - | <code bash | Register Listeners on ELB > | ||
| - | elb-create-lb-listeners v3-test --listener "lb-port=9145,instance-port=9145,protocol=https,instance-protocol=https,cert-id=arn:aws:iam::123456789101:server-certificate/www.k2patel.in" | ||
| - | </code> | ||
| - | |||
| - | |||
aws_how_to.txt ยท Last modified: 2020/08/10 02:35 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
