Unable to update the default certificate on application load balancer using aws cli

I have generated a certificate for a domain using Let's Encrypt and imported it into ACM using the AWS CLI. However, when I try to update the default certificate on the load balancer, I get the error below. I can see that the certificate has been imported into ACM. Please let me know if I am missing anything. Also, I did verify that the load balancer is present in the right region. I am not sure why I am getting the error below.

An error occurred (LoadBalancerNotFound) when calling the SetLoadBalancerListenerSSLCertificate operation: There is no ACTIVE Load Balancer named 'loadbalancer-name'

Here are my steps -

  1. Generate certificate for my domain 'abc.domain.co' -
    certbot certonly --dns-route53 --dns-route53-propagation-seconds 60 -d abc.domain.co --agree-tos --no-bootstrap --preferred-challenges dns-01
  2. Import certificate into ACM -
    aws acm import-certificate --certificate fileb:///etc/letsencrypt/live/abc.domain.co/cert.pem --certificate-chain fileb:///etc/letsencrypt/live/abc.domain.co/chain.pem --private-key fileb:///etc/letsencrypt/live/abc.domain.co/privkey.pem
  3. Update the ssl listener on the loadbalancer -
    aws elb set-load-balancer-listener-ssl-certificate --load-balancer-name loadbalancer --load-balancer-port 443 --ssl-certificate-id arn:aws:acm:us-west-1:8443XXXXXXX:certificate/xxxxx-ab3b-4036-b65e-f6cee35735a8 --region us-west-1
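
Added example, not part of the original thread: the `aws elb` commands only address Classic Load Balancers, while an Application Load Balancer is managed through `aws elbv2`, where the default certificate is a property of the listener. The sketch below resolves the listener and changes its certificate; the function names are hypothetical and the values in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: set the default certificate of an ALB listener via elbv2.
# Function names are hypothetical; nothing here is from the original post.

# Resolve a load balancer name to its ARN (elbv2 = ALB/NLB, not Classic).
alb_arn() {  # $1 = load balancer name, $2 = region
  aws elbv2 describe-load-balancers --names "$1" --region "$2" \
    --query 'LoadBalancers[0].LoadBalancerArn' --output text
}

# Find the ARN of the listener bound to a given port ("None" if absent).
listener_arn() {  # $1 = load balancer ARN, $2 = port, $3 = region
  aws elbv2 describe-listeners --load-balancer-arn "$1" --region "$3" \
    --query "Listeners[?Port==\`$2\`].ListenerArn | [0]" --output text
}

set_default_cert() {  # $1 = LB name, $2 = port, $3 = cert ARN, $4 = region
  sdc_lb=$(alb_arn "$1" "$4") || return 1
  case "$sdc_lb" in
    arn:aws:elasticloadbalancing:*) ;;
    *) echo "no ALB/NLB named '$1' in $4" >&2; return 1 ;;
  esac
  sdc_ln=$(listener_arn "$sdc_lb" "$2" "$4") || return 1
  case "$sdc_ln" in
    arn:aws:elasticloadbalancing:*) ;;
    *) echo "no listener on port $2" >&2; return 1 ;;
  esac
  # An ACM certificate must live in the load balancer's region; IAM server
  # certificates are global. Assumes the standard "aws" partition.
  case "$3" in
    arn:aws:acm:"$4":*|arn:aws:iam::*) ;;
    *) echo "certificate is not usable in $4" >&2; return 1 ;;
  esac
  # Prints the certificate ARN the listener reports after the change.
  aws elbv2 modify-listener --listener-arn "$sdc_ln" --region "$4" \
    --certificates "CertificateArn=$3" \
    --query 'Listeners[0].Certificates[0].CertificateArn' --output text
}

# Usage (placeholders):
#   set_default_cert <lb-name> 443 <certificate-arn> <region>
```

Passing `--certificate-arn` with the existing ARN to `aws acm import-certificate` on renewal reimports in place, so the listener keeps pointing at the same ARN and does not need to be modified each time.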

Welcome @bomsabado

That doesn't sound like a problem with Let's Encrypt certs. Seems more like something to ask about on AWS re:Post or even Stack Overflow.

Perhaps another volunteer will offer a tip anyway.

I mostly wanted to ask whether you were aware you could get a cert using AWS ACM for the ELB (see here). Might be easier to keep it all "in the family".

