Sawadeekab
ELB SSL 추가 방법 및 삭제 방법(openssl기준) 본문
Amazon Linux AMI 2016.03.2 (HVM), SSD Volume Type + ELB 로 제작 된 내용입니다.
따로 OpenSSL을 설치 할 필요가 없음.
[root@ip-10-0-1-86 ~]# openssl genrsa -des3 -out test.pem 1024
Enter pass phrase for test.pem: 패스워드 기입
[root@ip-10-0-1-86 ~]# openssl req -new -key test.pem -out test.csr
[root@ip-10-0-1-86 ~]# openssl x509 -req -signkey test.pem -in test.csr -out test.crt
[root@ip-10-0-1-86 ~]# openssl rsa -in test.pem -out sawadeekab.pem
[root@ip-10-0-1-86 ~]# cat sawadeekab.pem
[root@ip-10-0-1-86 ~]# cat test.crt
ELB SSL 인증서 등록
[root@ip-10-0-1-86 ~]# cat sawadeekab.pem
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDDfHFanDW3CUaVkkgXLvMOOnFcryBmRZiJyBKPlrQSEObjHYeP
zLxmaYPP4pGebW3Ot352G/hdI3G85ltFoXu1pbyJ4UZKgP++24C8iWvnajuyzVtX
IX9KczKc4uqzSCeiDD0TEJM1I3A6HZWwcjEgcvej8ruRsZFsEmXnKcn3FQIDAQAB
AoGAUnIRfJ2VKfUHh92B+gUbDU0osmZJy9heVP3EljqBB32JYw/5NHSsoKSvquVr
dN3CCgTpmPaC8QUZ2wlsRRmuCll701bvcO/dz5mzh6qG24TEVfXzIumZkUF1ybY0
B+D1+TZNYp3emUTRdJhr1kg/+gOUgEYheBOLgVPFTkD1dQECQQDjJnP8KcIhge/k
Zzdxpqwjfiixk17c3vv/ygdL29/FtxMkrFJVQT7MvWe01ijIqIhQ8Aksd5uEHZG2
Em72kzitAkEA3FB3FSx25JQdu7heNfDkVCcspyUGmUaf2o7vujM5kSFncjYNKwuB
YmFgurGcquInn3y2whmYeXD+Ad47T0L9CQJBAKDRdaZe7imI9A2SIgfdx9utEyR9
wNjBKkqzfyzu82PotK3vLq9bbRnJMyYtxVwjLbeX6fbIi5si0CnGrTb3jlUCQDSj
HPB4ISfXo4r4L7ofhc39VhPRKtRwJT0orWoFVxmvq3GELH0+UHla3qt8R/wj8GeQ
enHBf8Z0EpwLpov3a1ECQC/KaBEDiNgF4MsMMRVf+EoB7Gkfe3PR+s6I+UHniIfp
3Iy1UArYEJE6ixpZ+6QQkV94siojxMbG0YAFgwMURyk=
-----END RSA PRIVATE KEY-----
[root@ip-10-0-1-86 ~]# cat test.crt
-----BEGIN CERTIFICATE-----
MIICkzCCAfwCCQC5pk5FI5d35TANBgkqhkiG9w0BAQUFADCBjTELMAkGA1UEBhMC
a3IxDjAMBgNVBAgMBVNlb3VsMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNV
BAoME0RlZmF1bHQgQ29tcGFueSBMdGQxGzAZBgNVBAMMEnd3dy5zaGluamlob29u
LmNvbTEcMBoGCSqGSIb3DQEJARYNdGVzdEB0ZXN0LmNvbTAeFw0xNjA2MTcwNTEw
MzBaFw0xNjA3MTcwNTEwMzBaMIGNMQswCQYDVQQGEwJrcjEOMAwGA1UECAwFU2Vv
dWwxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UECgwTRGVmYXVsdCBDb21w
YW55IEx0ZDEbMBkGA1UEAwwSd3d3LnNoaW5qaWhvb24uY29tMRwwGgYJKoZIhvcN
AQkBFg10ZXN0QHRlc3QuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
fHFanDW3CUaVkkgXLvMOOnFcryBmRZiJyBKPlrQSEObjHYePzLxmaYPP4pGebW3O
t352G/hdI3G85ltFoXu1pbyJ4UZKgP++24C8iWvnajuyzVtXIX9KczKc4uqzSCei
DD0TEJM1I3A6HZWwcjEgcvej8ruRsZFsEmXnKcn3FQIDAQABMA0GCSqGSIb3DQEB
BQUAA4GBADs/T+3SFo8rhWuXGdqXOeEz8geOHu2TfCIWQN2Hw/7WQaQnpu8cJUj8
FJaxDRM4zQiR3R+132mYBU6/GHEtNS2/RrjBvQbmLV6ci39ShImBldI6J2B87MSJ
MZvrurrrdTiVXDMZfqZG8NVgvnZcVP0ZZ+84FHqr8gHBUWuv3ADr
-----END CERTIFICATE-----
SSL 인증서 CLI 삭제 하기
1.인증서 확인 명령어
aws iam get-server-certificate --server-certificate-name certificate_object_name
예)aws iam get-server-certificate --server-certificate-name sawadeekab
1-1.아래와 같은 메세지가 나올 경우
Unable to locate credentials. You can configure credentials by running "aws configure".
1-2.aws configure를 사용하여 Access Key와 Secret Access Key를 입력하고 나머지는 skip 하셔도 됩니다.
키를 모르실 경우 재 생성해서 하나 더 받을수 있습니다.
http://docs.aws.amazon.com/ko_kr/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey
[root@ip-10-0-1-75 ec2-user]# aws configure
AWS Access Key ID [None]: 입력
AWS Secret Access Key [None]: 입력
Defualt region name [None] : 입력
aws iam delete-server-certificate --server-certificate-name certificate_object_name
예)aws iam delete-server-certificate --server-certificate-name sawadeekab
http://docs.aws.amazon.com/ko_kr/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#DeleteCertObject
https://docs.aws.amazon.com/ko_kr/IAM/latest/UserGuide/id_credentials_server-certs.html#delete-server-certificate
삭제를 해도 삭제에 성공 했다는 메세지가 나오지 않으므로 참고 해주시기 바랍니다.
삭제하고 난 뒤 ELB에 보시면 해당 리스트가 삭제 된 걸 확인 하실수 있을겁니다.
'AWS' 카테고리의 다른 글
| EC2 스케쥴링 (매일 EC2 끄고 키는방법 무작정 따라하기) (0) | 2017.11.22 |
|---|---|
| AMI 자동 백업 및 삭제 스크립트 (0) | 2016.11.18 |
| IAM 계정생성부터 권한설정까지 (0) | 2016.11.18 |
| Centos NAT 서버 셋팅 및 NAT 터널링하여 RDS 접속하기 (0) | 2016.06.08 |
| RDS Public Subnet 바꾸는 방법 (0) | 2016.06.01 |
