I can't upload server certificate on AWS IAM


The command is looking for a file that does not exist:

file does not exist: /var/www/html/certificate.pem

Possibly your certificate is not named certificate.pem, or my guess is you don't have a folder named /var/www on your local system where you're running this command (nor on your Mac).

You need to put the location of certificate.pem on your local computer after file://
If it's named something other than certificate.pem, put the local file names in the command.

Source:
http://docs.aws.amazon.com/IAM/latest/UserGuide/InstallCert.html#UploadSignedCert
http://docs.aws.amazon.com/cli/latest/reference/iam/upload-server-certificate.html
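
The check the answer describes, as an added shell example that is not part of the original answer: it confirms each PEM file exists on the machine where `aws` runs and builds absolute `file://` arguments from local paths. The function names are hypothetical, the file names are the ones from the question, and the world-readable test on the private key is an added precaution.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check for the file:// arguments of
# `aws iam upload-server-certificate`, run on the machine where aws runs.

# Print an absolute file:// URL for a local PEM file, or explain the failure.
pem_file_url() {
    local path=$1 dir
    if [ ! -f "$path" ]; then
        echo "file does not exist here: $path (cwd: $PWD)" >&2
        return 1
    fi
    if ! grep -q -e '-----BEGIN ' "$path"; then
        echo "not PEM text: $path" >&2
        return 2
    fi
    dir=$(cd "$(dirname "$path")" && pwd) || return 1
    printf 'file://%s/%s\n' "$dir" "$(basename "$path")"
}

# True if the private key file can be read by every local user.
key_is_world_readable() {
    [ -n "$(find "$1" -perm -004 2>/dev/null)" ]
}

# Print the full command only when all three files resolve locally.
build_upload_command() {
    local name=$1 cert key chain
    cert=$(pem_file_url "$2") || return 1
    key=$(pem_file_url "$3") || return 1
    chain=$(pem_file_url "$4") || return 1
    if key_is_world_readable "$3"; then
        echo "warning: $3 is world-readable; consider chmod 600" >&2
    fi
    printf 'aws iam upload-server-certificate --server-certificate-name %s \\\n' "$name"
    printf '  --certificate-body %s \\\n  --private-key %s \\\n  --certificate-chain %s\n' \
        "$cert" "$key" "$chain"
}

# Usage with the question's names (assumes the files are in the current directory):
#   build_upload_command domain2014 certificate.pem private-key.pem ca.pem
```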


Author by

Diego Sarmiento


Updated on September 18, 2022

Comments

  • Diego Sarmiento
    Diego Sarmiento over 1 year

    I got AWS iam working on my server, and trying to upload some certificates:

    aws iam upload-server-certificate --server-certificate-name domain2014 \
    --certificate-body file:///var/www/html/certificate.pem \
    --private-key file:///var/www/html/private-key.pem \
    --certificate-chain file:///var/www/html/ca.pem
    

    I get:

    Error parsing parameter '--certificate-body': file does not exist: /var/www/html/certificate.pem
    

    I tried uploading the files from my Mac, and I get the same answer.

    Already checked this question but file:// is not missing, and route is OK.

    I do have credentials such as:

     AWSAccessKeyId=BKIAJQ1111111111111
     AWSSecretKey=H+2+2mko11111111111111cv+UFuA6
    

    And also a config file. But I honestly don't understand where or how to use it to upload the certificates (after using aws configure I complete the info and then I don't know what to do next).

    All this process started yesterday when I completed the process of uploading the load balancer with no issues, but later I realized that the certificate that is actually working is the self signed that I had previously on the server (this is the question I posted yesterday)

    Edit:

    If I try from terminal:

    aws iam list-server-certificates
    

    I get:

    A client error (AccessDenied) occurred when calling the ListServerCertificates operation: User: arn:aws:iam::999990212999:user/admin is not authorized to perform: iam:ListServerCertificates on resource: arn:aws:iam:: 999990212999:server-certificate/
    

    Edit2:

    The AccessDenied problem was related to permissions. You must go to EC2 Management Console -> Administration and Security -> IAM -> Users -> Select the User and go to User Permissions. Select "Attach User Policy". In there, you choose the profile with the attributes that work for you (in my case it was Administrator Access).

    Once you update permissions, you can see the certificate (if it was loaded correctly using load balancers or IAM).

    Edit3:

    I realized that I didn't need to upload the certificate because I already did it with the load balancers. Part of my confusion was that I had to load the certificates with AWS IAM again.

    If your certificate is already on the server, the last step is to change your Domain Record Set. If your domain is hosted in AWS, go to Route 53 in the EC2 Management Console and create a record set. It must be a Type A record (not a CNAME), with an alias pointing to your Amazon Load Balancer (check your address in the tab DNS in the panel). The address should be something like:

    9999999999.eu-west-1.elb.amazonaws.com
    
  • Diego Sarmiento
    Diego Sarmiento over 9 years
    Could you give me an example? Like ~/Desktop/certificate.pem on the Desktop? The problem is that I'm not sure where the root folder is for this command. Thank you!
  • user16081-JoeT
    user16081-JoeT over 9 years
    You're on Windows in cmd prompt, yes? I'd change directory within cmd prompt to the folder where you have these files. An easy way, so you know you can get to them, is to just put them in the top level of your C: drive; then you can `cd C:\` and run your aws command with the file://certificate.pem etc. (no path needed if you're in the same directory).