I have uploaded my certificate for use with CloudFront from the AWS Command Line Interface (CLI), but the certificate is not available for selection in the dropdown for my distribution in the CloudFront console.

Certificates uploaded to IAM must be designated for use with CloudFront to be accessible from the CloudFront Distribution Custom SSL Certificate dropdown menu in the CloudFront console.

When you use the AWS CLI to upload an SSL certificate to IAM for use with CloudFront, ensure that you prepend "/cloudfront/" to the path for your distribution name to designate the certificate for use with CloudFront distributions.

For example:

aws iam upload-server-certificate --server-certificate-name CertificateName

--certificate-body file://public_key_certificate_file --private-key file://privatekey.pem

--certificate-chain file://certificate_chain_file --path /cloudfront/DistributionName/

If you did not include the "/cloudfront/" in the path for your distribution name, you can run the following command from the AWS CLI to add it. This will allow you to select the certificate from the CloudFront Distribution Custom SSL Certificate dropdown menu in the CloudFront console:

aws iam update-server-certificate --server-certificate-name CertificateName

--new-path /cloudfront/DistributionName/

Note
Allow 20 minutes for this change to propagate to all regions.

Cloudfront SSL, IAM, certificate, custom, AWS console, distribution


Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2015-12-30