Invalid request provided: AWS::ElasticLoadBalancingV2::ListenerRule Validation exception
How to set multiple certificates for AWS::ElasticLoadBalancingV2::Listener
Hi, I'm having trouble setting multiple certificates for an ALB listener. Here is a snippet of my CF template:

DiscoveryListenerHTTPS:
  Type: AWS::ElasticLoadBalancingV2::Listener
  DependsOn:
    - DiscoveryLoadBalancer
    - DiscoveryLoadBalancerTargetGroup
  Properties:
    Certificates:
      - CertificateArn: !Ref CertificateArn1
      - CertificateArn: !Ref CertificateArn2

The response is: Up to '1' certificate ARNs can be specified, but '2' were specified (Service: AmazonElasticLoadBalancingV2; Status Code: 400; Error Code: TooManyCertificates; Request ID: XXXXXXXXX)
This worked for me. It is an example of a port 443 listener that uses a default certificate, followed by a certificate list that has at least one certificate and is associated with the previously created listener:

Listener443:
  DependsOn:
    - LoadBalancer
  Type: AWS::ElasticLoadBalancingV2::Listener
  Properties:
    Certificates:
      - CertificateArn: !Ref CertificateARN
    LoadBalancerArn: !Ref LoadBalancer
    DefaultActions:
      - Type: fixed-response
        FixedResponseConfig:
          ContentType: text/plain
          MessageBody: "Not Found"
          StatusCode: 404
    Port: 443
    Protocol: HTTPS
CertificatesList:
  Type: AWS::ElasticLoadBalancingV2::ListenerCertificate
  Properties:
    Certificates:
      - CertificateArn: !Ref CertificateARN2
    ListenerArn: !Ref Listener443

It's a bit clunky; the CF template used to create the listener only sets the default certificate.
You should be able to use this object to add additional certificates to the listener: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html
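Came here looking for the same answer. I found that the answer was not explicitly listed in the comments/answers, so I'm going to do so. Although multiple SSL certificates can be specified for an HTTPS listener, specifying multiple certificates directly on the HTTPS listener resource is not allowed in a CFN template. You must create another resource in the template for the additional certificates, like this:

AdditionalListenerCertificates:
  Type: AWS::ElasticLoadBalancingV2::ListenerCertificate
  Properties:
    Certificates:
      - CertificateArn: !Join
          - ":"
          - - "arn:aws:acm"
            - !Ref AWS::Region
            - !Ref AWS::AccountId
            - !Join ["/", ["certificate", "<your-certificate-id>"]]
    ListenerArn: !Ref HTTPSListener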
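
The split described in the answers above can be applied mechanically before deployment. The following is an added example, not code from any of the posts: it takes a template in JSON form (as a Python dict), keeps the first certificate on each listener as the default, and moves every further certificate into its own ListenerCertificate resource. The function name, the generated logical IDs and the sample template are assumptions made for illustration.

```python
import copy
import json

LISTENER = "AWS::ElasticLoadBalancingV2::Listener"
LISTENER_CERT = "AWS::ElasticLoadBalancingV2::ListenerCertificate"


def split_listener_certificates(template):
    """Return a copy of the template in which each listener carries only its
    first (default) certificate; each extra one becomes a ListenerCertificate."""
    out = copy.deepcopy(template)  # never mutate the caller's template
    resources = out.get("Resources", {})
    for name, res in list(resources.items()):
        if res.get("Type") != LISTENER:
            continue
        certs = res.get("Properties", {}).get("Certificates", [])
        if len(certs) <= 1:
            continue  # zero or one certificate: nothing to split
        res["Properties"]["Certificates"] = certs[:1]
        for i, cert in enumerate(certs[1:], start=1):
            extra = f"{name}ExtraCertificate{i}"  # hypothetical naming scheme
            if extra in resources:
                raise ValueError(f"logical ID {extra} already exists")
            resources[extra] = {
                "Type": LISTENER_CERT,
                "Properties": {
                    "Certificates": [cert],
                    # Ref on a listener resolves to its ARN
                    "ListenerArn": {"Ref": name},
                },
            }
    return out


# Constructed sample: the question's listener in JSON form, trimmed to the
# properties that matter here (LoadBalancerArn, Port, etc. omitted).
SAMPLE = {
    "Resources": {
        "DiscoveryListenerHTTPS": {
            "Type": LISTENER,
            "Properties": {
                "Certificates": [
                    {"CertificateArn": {"Ref": "CertificateArn1"}},
                    {"CertificateArn": {"Ref": "CertificateArn2"}},
                ]
            },
        }
    }
}

if __name__ == "__main__":
    print(json.dumps(split_listener_certificates(SAMPLE), indent=2))
```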