如何在EC2实例上更新SSL证书 [英] How to update SSL certificate on EC2 instances

问题描述

这是我的难题.当前，我们在AWS EC2服务上运行了很多服务器.在我之前，他们曾经使用SSL证书配置服务器映像.现在，证书即将到期，我们需要用新证书替换旧证书.我已经阅读了有关将新证书上传到IAM的AWS文档，但这非常令人困惑.有什么方法，例如，使用Power Shell命令将新证书上载到现有服务器?

先谢谢了.

解决方案

如果您的证书在现有实例上已经过期，而在Elastic Load Balancer上没有，那么您需要根据需要在该服务器上更新每个服务器./p>

它不是IAM类型的服务器证书.

因此，您需要触摸每台服务器并进行升级.如果每个服务器都有AMI，则升级证书后可能需要创建新的AMI.

请参见在远程服务器上使用PowerShell安装证书以获取一些建议在PowerShell上远程安装证书文件的方法.

根据您的预算，您甚至可以考虑针对一个实例使用ELB，然后在其中安装SSL证书.从长远来看，它使在ELB级别而不是服务器/AMI级别管理证书更加容易

Here is my dilemma. Currently we run quite a few server on AWS EC2 service. Before my time, they used to configure Server images with the SSL certificate on them. Now, the certificate is about to expire and we need to replace the old one with the new one. I have read documentation on AWS in regards to uploading new certificate to IAM but it is very confusing. Is there any way, for example, using Power Shell commands to upload the new certificate to the existing servers?

Thanks in advance.

解决方案

If you have certificates that are expired on existing instances and NOT on an Elastic Load Balancer, then you need to update each server as needed, on that server.

It is not an IAM type server certificate.

So you need to touch each server and upgrade. If you have AMIs for each server, you may need to create new AMIs after upgrading the certificate.

See Install certificate with PowerShell on remote server for some suggestion on PowerShell methods of installing a certificate file remotely.

Depending on your budget, you could consider using an ELB even for one instance, and installing the SSL cert there. It makes it easier in the long run to manage certs at the ELB level, rather than at the server/AMI level

这篇关于如何在EC2实例上更新SSL证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！