Overview
When configuring an Application Load Balancer (ALB), the AWS ELBv2 APIs can be used to manage its SSL/TLS certificates. Certificates must be created in advance, either using the API or in the web UI by navigating to the Certificates page and importing them.
Like all Zadara Compute resources, each certificate you import receives an ID that uniquely identifies it. You will use this ID to attach the certificate to, or detach it from, your load balancer listeners.
Getting ID of Listeners
In order to manage the certificates attached to a listener, you'll need to get the ID of the listener. This can be done with the describe-listeners command:
aws elbv2 describe-listeners --load-balancer-arn <load_balancer_id>
This will return a list of all listeners you've configured for the Load Balancer. The ListenerArn value will contain the ID of the listener.
Listing Certificates
The describe-listener-certificates command can be used to list all certificates attached to the listener of a Load Balancer:
aws elbv2 describe-listener-certificates --listener-arn <listener_id>
Attaching Certificates
Adding multiple certificates using this API can be done in zCompute version 22.09.04+.
The add-listener-certificates command can be used to attach an additional certificate to the listener of a Load Balancer:
aws elbv2 add-listener-certificates \
--listener-arn <listener_id> \
--certificates CertificateArn=<certificate_id>
Detaching Certificates
The remove-listener-certificates command can be used to detach a certificate from the listener of a Load Balancer:
aws elbv2 remove-listener-certificates \
--listener-arn <listener_id> \
--certificates CertificateArn=<certificate_id>
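
The four commands above can be combined to replace a certificate without leaving a listener uncovered. The script below is an added example, not part of the original documentation: it attaches the new certificate, confirms it is listed on the listener, and only then detaches the old one. The function names are hypothetical, and it assumes the aws CLI is already configured for your zCompute endpoint and that responses follow the AWS ELBv2 output shape (Listeners[].ListenerArn, Certificates[].CertificateArn).

```bash
#!/usr/bin/env bash
# Added example (function names are hypothetical, not from the zCompute docs).
# Assumes the aws CLI is already configured to reach your zCompute endpoint.

# Print the ListenerArn of every listener on load balancer $1, one per line.
list_listeners() {
  aws elbv2 describe-listeners --load-balancer-arn "$1" \
    --query 'Listeners[].ListenerArn' --output text | tr '\t' '\n'
}

# Succeed only if certificate $2 is currently attached to listener $1.
cert_attached() {
  aws elbv2 describe-listener-certificates --listener-arn "$1" \
    --query 'Certificates[].CertificateArn' --output text \
    | tr '\t' '\n' | grep -Fxq -- "$2"
}

# rotate_cert <load_balancer_id> <old_certificate_id> <new_certificate_id>
# Prints the number of listeners that were switched to the new certificate.
rotate_cert() {
  local lb="$1" old="$2" new="$3" listener rotated=0
  for listener in $(list_listeners "$lb"); do
    # Leave listeners that do not carry the old certificate untouched.
    cert_attached "$listener" "$old" || continue
    aws elbv2 add-listener-certificates --listener-arn "$listener" \
      --certificates "CertificateArn=$new" >/dev/null || return 1
    # Detach the old certificate only once the new one is confirmed attached.
    if ! cert_attached "$listener" "$new"; then
      echo "new certificate not listed on $listener; old one left in place" >&2
      return 1
    fi
    aws elbv2 remove-listener-certificates --listener-arn "$listener" \
      --certificates "CertificateArn=$old" >/dev/null || return 1
    rotated=$((rotated + 1))
  done
  echo "$rotated"
}
```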