/// <summary>
/// <para> Creates one or more listeners on a LoadBalancer for the specified port. If a listener with the given port does not already exist, it
/// will be created; otherwise, the properties of the new listener must match the properties of the existing listener. </para>
/// </summary>
///
/// <param name="createLoadBalancerListenersRequest">Container for the necessary parameters to execute the CreateLoadBalancerListeners service
/// method on AmazonElasticLoadBalancing.</param>
///
/// <returns>The response from the CreateLoadBalancerListeners service method, as returned by AmazonElasticLoadBalancing.</returns>
///
/// <exception cref="InvalidConfigurationRequestException"/>
/// <exception cref="CertificateNotFoundException"/>
/// <exception cref="DuplicateListenerException"/>
/// <exception cref="LoadBalancerNotFoundException"/>
public CreateLoadBalancerListenersResponse CreateLoadBalancerListeners(CreateLoadBalancerListenersRequest createLoadBalancerListenersRequest)
{
IRequest <CreateLoadBalancerListenersRequest> request = new CreateLoadBalancerListenersRequestMarshaller().Marshall(createLoadBalancerListenersRequest);
CreateLoadBalancerListenersResponse response = Invoke <CreateLoadBalancerListenersRequest, CreateLoadBalancerListenersResponse> (request, this.signer, CreateLoadBalancerListenersResponseUnmarshaller.GetInstance());
return(response);
}
public void Install(PrivateKey pk, Crt crt, IEnumerable <PKI.Crt> chain,
IPkiTool cp)
{
AssertNotDisposed();
if (CertInstaller != null)
{
CertInstaller.Install(pk, crt, chain, cp);
ExistingServerCertificateName = CertInstaller.ServerCertificateName;
// Now that the cert has been installed in IAM, we need to
// poll to see when it becomes effective because there could
// be a slight delay till it's available for reference
using (var client = new AmazonIdentityManagementServiceClient(
CommonParams.ResolveCredentials(),
CommonParams.RegionEndpoint))
{
var iamRequ = new GetServerCertificateRequest
{
ServerCertificateName = ExistingServerCertificateName,
};
var triesLeft = 10;
string arn = null;
while (triesLeft-- > 0)
{
try
{
var iamResp = client.GetServerCertificate(iamRequ);
arn = iamResp?.ServerCertificate?.ServerCertificateMetadata?.Arn;
if (!string.IsNullOrEmpty(arn))
{
break;
}
}
catch (Exception)
{
// TODO: integrate with logging to log some warnings
}
System.Threading.Thread.Sleep(10 * 1000);
}
if (string.IsNullOrEmpty(arn))
{
throw new InvalidOperationException("unable to resolve uploaded certificate");
}
}
}
string certArn;
using (var client = new AmazonIdentityManagementServiceClient(
CommonParams.ResolveCredentials(),
CommonParams.RegionEndpoint))
{
var iamRequ = new GetServerCertificateRequest
{
ServerCertificateName = ExistingServerCertificateName,
};
var iamResp = client.GetServerCertificate(iamRequ);
certArn = iamResp?.ServerCertificate?.ServerCertificateMetadata?.Arn;
}
if (string.IsNullOrEmpty(certArn))
{
throw new InvalidOperationException("unable to resolve server certificate against IAM store");
}
using (var client = new AmazonElasticLoadBalancingClient(
CommonParams.ResolveCredentials(),
CommonParams.RegionEndpoint))
{
// We've found through experience/experimentation that even if the
// cert is successfully installed and retrievable up above, it can
// still fail here temporarily till the ELB reference can resolve it
int triesLeft = 10;
Exception lastEx = null;
while (triesLeft-- > 0)
{
if (!string.IsNullOrEmpty(LoadBalancerProtocol))
{
var iamRequ = new CreateLoadBalancerListenersRequest
{
LoadBalancerName = this.LoadBalancerName,
Listeners = new List <Listener>
{
new Listener
{
LoadBalancerPort = this.LoadBalancerPort,
Protocol = this.LoadBalancerProtocol,
InstancePort = this.InstancePort,
InstanceProtocol = this.InstanceProtocol,
SSLCertificateId = certArn,
}
}
};
try
{
var iamResp = client.CreateLoadBalancerListeners(iamRequ);
// TODO: any checks we should do?
// Break out of the outer retry loop
lastEx = null;
break;
}
catch (Exception ex)
{
// TODO: integrate with logging to log some warnings
lastEx = ex;
}
}
else
{
var iamRequ = new SetLoadBalancerListenerSSLCertificateRequest
{
LoadBalancerName = this.LoadBalancerName,
LoadBalancerPort = this.LoadBalancerPort,
SSLCertificateId = certArn,
};
try
{
var iamResp = client.SetLoadBalancerListenerSSLCertificate(iamRequ);
// TODO: any checks we should do?
// Break out of the outer retry loop
lastEx = null;
break;
}
catch (Exception ex)
{
// TODO: integrate with logging to log some warnings
lastEx = ex;
}
}
System.Threading.Thread.Sleep(10 * 1000);
}
if (lastEx != null)
{
throw new InvalidOperationException(
"valid to create/update ELB listener with certificate reference", lastEx);
}
}
}
