Question

I'm trying to install a DigiCert Wildcard SSL on a CloudFront CDN.

It worked immediately with all Elastic Load Balancers, but it's not showing up in the CloudFront SSL certificate selection dropdown, even though the certificate is found in the IAM store.

Any ideas what permissions could be conflicting?


Solution

If you want to use the same certificate both for CloudFront and for other AWS services, you must upload the certificate twice: once for CloudFront and once for the other services.

From here: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/SecureConnections.html#CNAMEsAndHTTPS

OTHER TIPS

This is what tripped me up:

All certificates in ACM are regional resources, including the certificates that you import. To use the same certificate with Elastic Load Balancing load balancers in different AWS regions, you must import the certificate into each region where you want to use it. To use a certificate with Amazon CloudFront, you must import it into the US East (N. Virginia) region. For more information, see Supported Regions.

http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html

This is because when you upload an SSL certificate for CloudFront, you need to give the --path option as /cloudfront/

The command would look like this:

aws iam upload-server-certificate --server-certificate-name YourCertificateName --certificate-body file://cert.pem --private-key file://key.pem --certificate-chain file://ca.pem --path /cloudfront/

If you have already uploaded the certificate, then you can update it with the following command:

aws iam update-server-certificate --server-certificate-name YourCertificateName --new-path /cloudfront/
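
An added example, not part of any answer above and not AWS's own code: a Python check that applies both rules from the answers (IAM path under /cloudfront/, ACM certificate in US East (N. Virginia)) to a certificate inventory and prints the fix for each certificate CloudFront will not list. The IAM listing is shaped like the output of `aws iam list-server-certificates`; the certificate names, account id and ARNs are constructed placeholders.

```python
import json

# Constructed sample in the shape returned by `aws iam list-server-certificates`.
SAMPLE_IAM = json.loads("""{"ServerCertificateMetadataList": [
  {"ServerCertificateName": "wildcard-elb", "Path": "/"},
  {"ServerCertificateName": "wildcard-cdn", "Path": "/cloudfront/"}
]}""")

# Constructed ACM certificate ARNs (account id and certificate ids are placeholders).
SAMPLE_ACM = [
    "arn:aws:acm:eu-west-1:111122223333:certificate/EXAMPLE-ID-1",
    "arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-ID-2",
]

CLOUDFRONT_PATH = "/cloudfront/"
CLOUDFRONT_ACM_REGION = "us-east-1"  # US East (N. Virginia)


def iam_cert_ok(meta):
    """IAM certificates are offered to CloudFront only under the /cloudfront/ path."""
    return meta.get("Path", "/").startswith(CLOUDFRONT_PATH)


def acm_region(arn):
    """Return the region field of an ACM certificate ARN, or raise on anything else."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn" or parts[2] != "acm":
        raise ValueError(f"not an ACM ARN: {arn!r}")
    return parts[3]


def check(iam_listing, acm_arns):
    """Return (identifier, usable_by_cloudfront, suggested_fix) for every certificate."""
    rows = []
    for meta in iam_listing.get("ServerCertificateMetadataList", []):
        name = meta["ServerCertificateName"]
        fix = "" if iam_cert_ok(meta) else (
            "aws iam update-server-certificate "
            f"--server-certificate-name {name} --new-path {CLOUDFRONT_PATH}")
        rows.append((name, fix == "", fix))
    for arn in acm_arns:
        region = acm_region(arn)
        fix = "" if region == CLOUDFRONT_ACM_REGION else (
            f"import the certificate into {CLOUDFRONT_ACM_REGION} (currently in {region})")
        rows.append((arn, fix == "", fix))
    return rows


if __name__ == "__main__":
    for ident, ok, fix in check(SAMPLE_IAM, SAMPLE_ACM):
        print(f"{'OK  ' if ok else 'FAIL'} {ident} {fix}")
```
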
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow