0

I want to add certificate in listner of ApplicationLoadBalancer. How can i add and how can i associate with each ther, I am using HTTPS protocol for that i need to set/configure sslcertificate.

Listener = t.add_resource(elb.Listener(
    "Listener",
    Certificates=elb.Certificate(
        CertificateArn="",
    ),
    Port="443",
    Protocol="HTTPS",
    LoadBalancerArn=Ref(ApplicationLoadBalancer),
    SslPolicy="ELBSecurityPolicy-TLS-1-2-Ext-2018-06",
    DefaultActions=[elb.Action(
        Type="forward",
        TargetGroupArn=Ref(TargetGroupApp)
    )]
))

ListenerCertificate = t.add_resource(elb.ListenerCertificate(
    "ListenerCertificate",
    Certificates=elb.Certificate(
            CertificateArn="",
            ),
    ListenerArn=Ref(Listener)
    ))

How can i add certificate in listner and listnercertificate,

4

1 回答 1

1

有两种方法可以将现有证书添加到侦听器 - 您已经列出了这两种方法,但您实际上应该只需要其中一种。另外,我假设您需要创建证书。这显示了如何,并显示了附加该证书的两种方式。需要记住的一件事 - 批准证书创建需要手动步骤,即使它是在 CloudFormation 中创建的,因此您需要密切关注电子邮件中的批准请求:

from troposphere.certificatemanager import Certificate
# First create the certificate if it doesn't already exist

cert = t.add_resource(
    Certificate(
        "MyCert",
        DomainName="example.com",
    )
)

# Now you can add it to the load balancer directly/inline
Listener = t.add_resource(elb.Listener(
    "Listener",
    Certificates=elb.Certificate(
        CertificateArn=cert.Ref(),
    ),
    Port="443",
    Protocol="HTTPS",
    LoadBalancerArn=Ref(ApplicationLoadBalancer),
    SslPolicy="ELBSecurityPolicy-TLS-1-2-Ext-2018-06",
    DefaultActions=[elb.Action(
        Type="forward",
        TargetGroupArn=Ref(TargetGroupApp)
    )]
))


# Or you can add it to an existing Listener with this resource
ListenerCertificate = t.add_resource(elb.ListenerCertificate(
    "ListenerCertificate",
    Certificates=elb.Certificate(
            CertificateArn=cert.Ref(),
            ),
    ListenerArn=Ref(Listener)
    ))

如果您已经有证书,那么您不需要创建它的第一步 - 只需提供 arn(您可以在仪表板中找到它)作为参数,而不是cert.Ref()

希望有帮助。

于 2019-02-11T16:32:06.103 回答