I have 4 certificates which i received from CA (SSL) :
Root CA Certificate - 123.crt
Intermediate CA Certificate - 456.crt
Intermediate CA Certificate - 789.crt
Your PositiveSSL Certificate - 654.crt
I have generated circuit.pem -private key and csr.pem through which I got these certificates.
Now, i want to upload these certificates to IAM using
aws iam upload-server-certificate --server-certificate-name certificate_object_name --certificate-body file://public_key_certificate_file --private-key file://privatekey.pem --certificate-chain file://certificate_chain_file
But I am not able to gauge which is my server certificate and how can I upload my all certificates.
Please help me with the above command for my above certificates.
I tried :
aws iam upload-server-certificate --server-certificate-name MyServerCertificate --certificate-body file://www_advisorcircuit_com.crt --private-key file://circuit.pem --certificate-chain file://COMODORSAAddTrustCA.crt
I am getting this error:
A client error (InvalidClientTokenId) occurred when calling the UploadServerCertificate operation: The security token included in the request is invalid.
解决方案
I have to say, getting this to work was a huge pain in the ass. Basically you are missing the user configuration details. You have to create a user on Amazon using the IAM service here https://console.aws.amazon.com/iam/home. Pay attention to what your region is in the url, you'll need that later. So create a user, attach a policy (I attached AdministratorAccess), "Create Access Key", download credentials for the user and use them to run:
$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: us-west-2
Default output format [None]: json
Some caveats on getting the certificate install command to work. Make sure the file's have readable permissions....I think I specified 664. I specified the .pem extension on all the files...I believe AWS prefers the old school style key files, so I had to run
openssl rsa -in my_key.key -text > new_key.pem
扫一扫
447
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
