Skip to content

Instantly share code, notes, and snippets.

@bunam

bunam/new_gist_file_0.md

Forked from wrburgess/new_gist_file_0.md
Created March 6, 2017 22:54
Show Gist options
  • Save bunam/05a924ce26a8b95ac48f5f1f2c7ec755 to your computer and use it in GitHub Desktop.
Save bunam/05a924ce26a8b95ac48f5f1f2c7ec755 to your computer and use it in GitHub Desktop.
Download ZIP
Creating letsencrypt certificate on OSX El Capitan and uploading to AWS Cloudfront
Raw
new_gist_file_0.md

How to use Letsencrypt with AWS Cloudfront and Mac OSX El Capitan

References

Terminal 1

SUBDOMAIN="www.example.com"

git clone https://github.com/letsencrypt/letsencrypt

cd letsencrypt

./letsencrypt-auto certonly -a manual --rsa-key-size 2048 -d $SUBDOMAIN

Terminal 2

cd letsencrypt

SUBDOMAIN="www.example.com"
BUCKET="example-bucket-name"
SHORT_KEY="o41bDh1oD6xAoDhL4r3qw6gaFkPV2GY4tw-Pg_xxxxx"
LONG_KEY="o41bDh1oD6xAoDhL4r3qw6gaFkPV2GY4tw-Pg_ShEvM.4mWtK4TUCXpLj8efrHkV_ATTkf4iRxNx0rsw5xxxxxx"

printf "%s" $LONG_KEY > .well-known/acme-challenge/$SHORT_KEY

aws s3 cp .well-known/acme-challenge/$SHORT_KEY s3://$BUCKET/.well-known/acme-challenge/$SHORT_KEY --content-type text/plain

Check that upload works: curl -D - http://$SUBDOMAIN/.well-known/acme-challenge/$SHORT_KEY

Terminal 1

  • Finish the client app steps

Terminal 2

sudo aws iam upload-server-certificate \
  --server-certificate-name $SUBDOMAIN \
  --certificate-body file:///etc/letsencrypt/live/$SUBDOMAIN/cert.pem \
  --private-key file:///etc/letsencrypt/live/$SUBDOMAIN/privkey.pem \
  --certificate-chain file:///etc/letsencrypt/live/$SUBDOMAIN/chain.pem \
  --path /cloudfront/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment