in ebcli/labs/setupssl.py [0:0]
def do_command(self):
app_name = self.get_app_name()
env_name = self.get_env_name(cmd_example='eb labs setup-ssl')
certfile = self.app.pargs.cert_file
privatekey = self.app.pargs.private_key
certchain = self.app.pargs.cert_chain
cert_name = self.app.pargs.name
if certfile or privatekey or certfile:
if not (certfile and privatekey):
raise InvalidOptionsError(
'When providing your own certificate the --cert-file '
'and --private-key options are both required.')
_validate_files_exists(certfile, privatekey, certchain)
if not cert_name:
cert_name = env_name
if _is_single_instance(app_name, env_name):
raise NotSupportedError('This command is currently not supported '
'for single instance environments. \n'
'For more information please see '
'http://docs.aws.amazon.com/elasticbeanstalk/'
'latest/dg/SSL.SingleInstance.html')
if not certfile:
privatekey, certfile = generate_self_signed_cert(cert_name)
certfile = fileoperations.read_from_text_file(certfile)
privatekey = fileoperations.read_from_text_file(privatekey)
if certchain:
certchain = fileoperations.read_from_text_file(certchain)
result = iam.upload_server_certificate(cert_name + '.crt', certfile,
privatekey, chain=certchain)
arn = result['Arn']
option_settings = [
elasticbeanstalk.create_option_setting(
namespaces.LOAD_BALANCER,
option_names.LOAD_BALANCER_HTTP_PORT,
'OFF'
),
elasticbeanstalk.create_option_setting(
namespaces.LOAD_BALANCER,
option_names.LOAD_BALANCER_HTTPS_PORT,
'443'
),
elasticbeanstalk.create_option_setting(
namespaces.LOAD_BALANCER,
option_names.SSL_CERT_ID,
arn
),
]
commonops.update_environment(env_name, changes=option_settings,
nohang=False)