- 最新
- 最多得票
- 最多評論
This can happen if you are submitting a pem that contains the complete certificate chain in the certificate body. Do you have any options when you are doing the CSR generation about excluding the certificate chain (and intermediate and root certs) from the certificate? This should ensure that they are only listed in the certificate chain.
Unfortunately I don't have access to the CSR files, we are receiving an existing infrastructure developed by another contractor. I only have access to the certificate files on the web server.
But why the same files work on the web console and they fail with the cli ? is this limitation present only on the cli tool ?
And how can I check the list of certificates inside my pem cert file ? I'm no openssl expert, but I only see one CERTIFICATE BEGIN/END section on the file, if there were multiple certificates in the file shouldn't there be multiple CERTIFICATE BEGIN/END sections ?
Thanks.
The issue was solved with the help of aws support. The certificate file was fine, the issue was that not all aws cli documentation is consistent. I was looking at:
https://docs.aws.amazon.com/cli/latest/reference/acm/import-certificate.html
Where it does not mention that parameters values must be preceded by "file://"
aws acm import-certificate --certificate file://ssl.website.com.crt --private-key file://ssl.website.com.key --certificate-chain file://ssl.website.com.ca --region us-east-2 --profile default
相關內容
- AWS 官方已更新 2 年前
- AWS 官方已更新 3 個月前
- AWS 官方已更新 3 年前