Was searching for a way to get it done via the AWS web console, but that didn’t end up fruitful so had to resort to their CLI tools. In addition the ELB was already in production use which meant discarding and recreating it wasn’t really an option..
- Run ‘iam-servercertlistbypath’ in the bin dir for IAMCLI (e.g. IAMCli-1.2.0\bin). This should give you a list of your SSL certs which are already in your AWS account.
- Run ‘elb-create-lb-listeners
–headers –listener “lb-port=443,instance-port= ,protocol=https,cert-id= ” –region= ’. in the bin dir for ELB API Tools (e.g. ElasticLoadBalancing-184.108.40.206\bin). Replace:
<lb-name> your ELB name <port> your EC2 instance port <cert-name> your SSL cert in your AWS account <aws-region> the region your ELB resides in (this seems to be missing from a lot of docs and was a major pain – I was retrieving empty result lists without this specified)
Something related to ELB which I had to look at sometime back which used these CLI tools was updating of expiring SSL certs. It’s been documented here now so I won’t be repeating it again! :)