Open kenden opened 8 years ago
@kenden you can configure the certificate and domain in the Senza definition: http://docs.stups.io/en/latest/components/senza.html#senza-weighteddnselasticloadbalancer
@hjacobs Thank you, that helps. I have to have 2 yml files then, one per certificate?
Since Senza asks for the domain, would it make sense that it asks for the certificate if
You can still have only 1 yaml file by using senza Parameters
:
SenzaInfo:
StackName: mywebsite
Parameters:
- DomainTLD:
Description: "Top level domain to deploy to"
- CertTLD:
Description: "Certificate TLD to use for the domain"
# ...
- AppLoadBalancer:
Type: Senza::WeightedDnsElasticLoadBalancer
HTTPPort: 443
HealthCheckPath: /
SecurityGroups:
- app-mywebsite-lb
Scheme: internet-facing
MainDomain: mywebsite.{{Arguments.DomainTLD}}
VersionDomain: mywebsite-{{SenzaInfo.StackVersion}}.{{Arguments.DomainTLD}}
SSLCertificateId: mywebsite.{{Arguments.CertTLD}}.2016
And pass in arguments to senza create:
# e.g. to deploy to mywebsite.at using certificate mywebsite.at.2016
senza create myapp.yaml 1 0.1 --region "eu-west-1" DomainTLD=at CertTLD=at
# e.g. to deploy to mywebsite.fr using certificate mywebsite.at.2016
senza create myapp.yaml 1 0.1 --region "eu-west-1" DomainTLD=fr CertTLD=at
# e.g. to deploy to mywebsite.de using certificate mywebsite.com.2016
senza create myapp.yaml 1 0.1 --region "eu-west-1" DomainTLD=de CertTLD=com
To avoid remembering the correct combinations you can use a Makefile to keep that logic there.
When running 'senza create...', Senza asks which domain to use for the stack. It then fails because there is no certificate matching that exact domain name.
Can Senza ask which certificate to use, if none matching the domain name is found?
Repro steps:
Create configuration (command from documentation):
Create stack from configuration (command from documentation):
Note: in AWS, we do not have one certificate for every domain, we have the following certs: (from 'aws iam list-server-certificates':)
Is there a way to specify which certificate to use per domain?