- Le plus récent
- Le plus de votes
- La plupart des commentaires
After some more tries, I succeeded, so in case anyone else find this forum, here's what I did.
First, issue the following command on the certificate p12 file:
openssl pkcs12 -in certificate.p12 -nodes -clcerts
You might be prompted to provide a password.
Now, you will see the certificate and the private key in the console as text. You can paste it to the Cloudformation template as:
AWSTemplateFormatVersion: 2010-09-09
Description: Test Stack.
Resources:
PinpointApplication:
Type: AWS::Pinpoint::App
Properties:
Name: !Sub '${AWS::StackName}-PinpointApplication'
PinpointAPNSChannel:
Type: AWS::Pinpoint::APNSChannel
Properties:
Certificate: |
-----BEGIN CERTIFICATE-----
Certificate text
Be careful with tabbing
-----END CERTIFICATE-----
PrivateKey: |
-----BEGIN PRIVATE KEY-----
Private key text
Be careful with tabbing
-----END PRIVATE KEY-----
ApplicationId: !Ref PinpointApplication
DefaultAuthenticationMethod: CERTIFICATE
Enabled: True
It also looks like the console removes the newlines from the strings if passed as parameters, so it does not work that way.
This VERY nearly worked for me also since the p12 would not load via console. AWS have taken har file from an attempt so hopefully the console will be fixed one day.
Regardless of cert upload we do everything via cloudformation and no matter what I did could not get the certs and private key uploaded.
Support Tech advised the following format. I hope this helps someone else save a few hours of banging head against lack of AWS Documentation.
The format of the certs seem to require the \n in the locations below for it to accept
"-----BEGIN CERTIFICATE-----\n{{certContents}}\n-----END CERTIFICATE-----\n"
"-----BEGIN PRIVATE KEY-----\n{{certContents}}\n-----END PRIVATE KEY-----\n"
Then you need to be aware that if you take these strings and put them in something like SecretsManager then it seems to add an extra \ to the \n so the cloudformation then fails as the certs is invalid format.
You can edit the secret in plaintext to see the extra \
Cheers
this solution will works 100% and tested
Certificate & PrivateKey can be generated by command line using .p12 file (e.g. openssl pkcs12 -in Dev_Push_Certificate.p12 -nodes -clcerts)
Below cloudformation template can help us to setup & enable AWS PinPoint push notification, FCM enable and APNS push notification enable. It's taking input parameter based value for FCM, APNS Certificate and APNS PrivateKey which can be setup through AWS Console
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "FCMKey": { "Type": "String", "Description": "FCMKey" }, "Certificate": { "Type": "String", "Description": "Certificate" }, "PrivateKey": { "Type": "String", "Description": "PrivateKey" } }, "Resources": { "PinPoint": { "Type": "AWS::Pinpoint::App", "Properties": { "Name": "test" } }, "GCMChannel": { "Type": "AWS::Pinpoint::GCMChannel", "Properties": { "ApiKey": null, "ApplicationId": null, "Enabled": true } }, "APNSSandboxChannel": { "Type": "AWS::Pinpoint::APNSSandboxChannel", "Properties": { "ApplicationId": null, "Certificate": { "Fn::Join": [ "", "- "-----BEGIN CERTIFICATE-----\n"\n- !Ref 'Certificate'\n- "\n-----END CERTIFICATE-----"" ] }, "DefaultAuthenticationMethod": "CERTIFICATE", "Enabled": true, "PrivateKey": { "Fn::Join": [ "", "- "-----BEGIN PRIVATE KEY-----\n"\n- !Ref 'PrivateKey'\n- "\n-----END PRIVATE KEY-----"" ] } } } } }
Contenus pertinents
- demandé il y a un an
- Réponse acceptéedemandé il y a un an
- demandé il y a 5 mois
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans