CloudFront SSL Certificate Not Showing up in UI After Uploading

Question

I've been using Cloudfront to terminate SSL for several websites, but I can't seem to get it to recognize my newly uploaded SSL certificate for some reason.

Here's what I've done so far:

Purchased a valid SSL certificate, and uploaded it via the AWS cli tool as follows:

$ aws iam upload-server-certificate \
  --server-certificate-name www.codehappy.io \
  --certificate-body file://www.codehappy.io.crt  \
  --private-key file://www.codehappy.io.key \
  --certificate-chain file://www.codehappy.io.chain.crt \
  --path /cloudfrount/codehappy-www/

For which I get the following output:

{
    "ServerCertificateMetadata": {
        "ServerCertificateId": "ASCAIKR2OSE6GX43URB3E",
        "ServerCertificateName": "www.codehappy.io",
        "Expiration": "2016-10-19T23:59:59Z",
        "Path": "/cloudfrount/codehappy-www/",
        "Arn": "arn:aws:iam::001177337028:server-certificate/cloudfrount/codehappy-www/www.codehappy.io",
        "UploadDate": "2015-10-20T20:02:36.983Z"
    }
}

NOTE: I first ran aws configure and supplied my IAM user's credentials (this worked just fine).

Next, I ran the following command to view a list of all my existing SSL certificates on IAM:

$ aws iam list-server-certificates
{
    "ServerCertificateMetadataList": [
        {
            "ServerCertificateId": "ASCAIIMOAKWFL63EKHK4I",
            "ServerCertificateName": "www.ipify.org",
            "Expiration": "2016-05-25T23:59:59Z",
            "Path": "/cloudfront/ipify-www/",
            "Arn": "arn:aws:iam::001177337028:server-certificate/cloudfront/ipify-www/www.ipify.org",
            "UploadDate": "2015-05-26T04:30:15Z"
        },
        {
            "ServerCertificateId": "ASCAJB4VOWIYAWN5UEQAM",
            "ServerCertificateName": "www.rdegges.com",
            "Expiration": "2016-05-28T23:59:59Z",
            "Path": "/cloudfront/rdegges-www/",
            "Arn": "arn:aws:iam::001177337028:server-certificate/cloudfront/rdegges-www/www.rdegges.com",
            "UploadDate": "2015-05-29T00:11:23Z"
        },
        {
            "ServerCertificateId": "ASCAJCH7BQZU5SZZ52YEG",
            "ServerCertificateName": "www.codehappy.io",
            "Expiration": "2016-10-19T23:59:59Z",
            "Path": "/cloudfrount/codehappy-www/",
            "Arn": "arn:aws:iam::001177337028:server-certificate/cloudfrount/codehappy-www/www.codehappy.io",
            "UploadDate": "2015-10-20T20:09:22Z"
        }
    ]
}

NOTE: As you can see, I'm able to view all three of my SSL certificates, including my newly created one.

Next, I logged into the IAM UI to verify that my IAM user account has administrator access:

As you can see my user is part of an 'Admins' group, which has unlimited Admin access to AWS.

Finally, I log into the Cloudfront UI and attempt to select my new SSL certificate. Unfortunately, this is where things seem to not work =/ Only my other two SSL certs are listed:

Does anyone know what I need to do so I can use my new SSL certificate with Cloudfront?

Thanks so much!

Answer 1

Most likely, the issue is that the path is incorrect. It is not cloudfrount but cloudfront