Was searching for a way to get it done via the AWS web console, but that didn’t end up fruitful so had to resort to their CLI tools. In addition the ELB was already in production use which meant discarding and recreating it wasn’t really an option..

Prerequisites for the subsequent steps are the ELB API Tools and IAM Command Line Toolkit (which has to be configured with your AWS keys).

1. Run ‘iam-servercertlistbypath’ in the bin dir for IAMCLI (e.g. IAMCli-1.2.0\bin). This should give you a list of your SSL certs which are already in your AWS account.
2. Run ‘elb-create-lb-listeners –headers –listener “lb-port=443,instance-port=,protocol=https,cert-id=” –region=’. in the bin dir for ELB API Tools (e.g. ElasticLoadBalancing-1.0.15.1\bin). Replace:

<lb-name> your ELB name
<port> your EC2 instance port
<cert-name> your SSL cert in your AWS account
<aws-region> the region your ELB resides in (this seems to be missing from a lot of docs and was a major pain &#8211; I was retrieving empty result lists without this specified)

Something related to ELB which I had to look at sometime back which used these CLI tools was updating of expiring SSL certs. It’s been documented here now so I won’t be repeating it again! :)

Recently this message popped up on the MOTD of the Ubuntu servers on EC2:

*** /dev/xvda1 will be checked for errors at next reboot ***

After proceeding to do a fsck and restarting, the message still kept appearing. After some debugging with wk, it apparently was due to a stale fsck-at-reboot file left around causing the message to keep popping up.

Here are the steps I used to make sure they stopped popping up again:

sudo touch /forcefsck
sudo shutdown -r now
sudo rm /var/lib/update-notifier/fsck-at-reboot
cd /usr/lib/update-notifier/
sudo ./update-motd-fsck-at-reboot
sudo rm /forcefsck

Thanks wk!

Steps I used to get MySQL 5.5 working on Ubuntu 11.04 AMD64 (behind Aptitude’s back sadly since it’s still not packaged up due to copyright statuses..):

• Download the following from here.

  • mysql-common_5.5.13-2_all.deb
  • libmysqlclient18_5.5.13-2_amd64.deb
  • libmysqlclient-dev_5.5.13-2_amd64.deb
  • mysql-client-5.5_5.5.13-2_amd64.deb
  • libmysqld-dev_5.5.13-2_amd64.deb
  • libmysqld-pic_5.5.13-2_amd64.deb
  • mysql-server-core-5.5_5.5.13-2_amd64.deb
  • mysql-server-5.5_5.5.13-2_amd64.deb

• Run the following to remove older versions of MySQL client/server:

  sudo aptitude remove mysql-client mysql-client-5.1 mysql-client-core-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1
  

• From the directory you downloaded the files above to:

  sudo aptitude install libmysqld-dev
  sudo dpkg -i mysql-common_5.5.13-2_all.deb
  sudo dpkg -i libmysqlclient18_5.5.13-2_amd64.deb
  sudo aptitude install zlib1g-dev
  sudo dpkg -i libmysqlclient-dev_5.5.13-2_amd64.deb
  sudo aptitude install libdbi-perl libdbd-mysql-perl
  sudo dpkg -i mysql-client-5.5_5.5.13-2_amd64.deb
  sudo dpkg -i libmysqld-dev_5.5.13-2_amd64.deb
  sudo dpkg -i libmysqld-pic_5.5.13-2_amd64.deb
  sudo dpkg -i mysql-server-core-5.5_5.5.13-2_amd64.deb
  sudo dpkg -i mysql-server-5.5_5.5.13-2_amd64.deb
  

Took me awhile of messing around to get the sequence right, hope this helps!

Reference/links from blog post/comments here.

In recent times I’ve had to handle the Microsoft stack (.NET) among other things. One of the things I’ve faced recently was redirecting traffic hitting the application running on IIS behind an AWS Elastic Load Balancer (ELB) from HTTP to HTTPS. Fairly easy on the Linux stacks which had nginx in front as a reverse proxy (just add a rewrite rule on your HTTP host to HTTPS), but after tinkering around a bit, finally got the correct rewrite rule working (with the help of IIS7’s .htaccess conversion utility).

The transform code you would want to stick into your Web..config (was for a ASP.NET MVC project):

<rewrite xdt:Transform="Insert">
      <rules>
        <rule name="HTTPS rewrite behind ELB rule" stopProcessing="true">
          <match url="^(.*)$" ignoreCase="false" />
          <conditions>
            <add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />
          </conditions>
          <action type="Redirect" redirectType="Found" url="https://{SERVER_NAME}{URL}" />
        </rule>
      </rules>
    </rewrite>

This assumes you have the IIS URL Rewrite module installed on your IIS server.

References:

http://www.iis-aid.com/articles/how_to_guides/redirect_http_to_https_iis_7?page=1 http://serverfault.com/questions/304621/endless-redirect-loop-with-aws-elb-and-wordpress-site-using-wordpress-https-plugi http://docs.amazonwebservices.com/ElasticLoadBalancing/latest/DeveloperGuide/index.html?SvcIntro.html