Error Reading Certificate File Cert-ec2.pem
some custom Java and build tools support. I proceeded to get the error reading certificate file amitools/cert-ec2.pem error, as posted by traxonius, when trying to create new descendant images. I also had the pleasure of getting keyring errors because all of the Debian apt-get keyring files get dumped by the AMI bundle rules. my original API/AMI setup I set up my tools in /opt/ec2 based on the following commands from the CreateEC2Image article on the Debian project wiki. wget http://s3.amazonaws.com/ec2-downloads/ec2-api-tools.zip wget http://s3.amazonaws.com/ec2-downloads/ec2-ami-tools.zip unzip ec2-api-tools.zip unzip ec2-ami-tools.zip mkdir /opt/ec2 rsync -ar ec2-api-tools-*/* /opt/ec2 rsync -ar ec2-ami-tools-*/* /opt/ec2 rm -rf ec2-api-tools* rm -rf ec2-ami-tools* Export EC2_HOME by adding export EC2_HOME=/opt/ec2 to /etc/profile. Add EC2_HOME/bin to your PATH by updating export PATH to look like export PATH=$PATH:$EC2_HOME/bin. chmod -R 755 /opt for good measure. the hackish fix If you are only using these images for intra-company use, then you might be able to take advantage of the slightly hackish solution I used. I removed the excerpted lines from the /opt/ec2/lib/ec2/platform/base/constants.rb file. '"*.pem"', '"*.priv"', '"*.gpg"', '"*.jks"', 223 words. Post tags: AWS, AMI, certificate, and bundle. Post content is written by Jason Zerbe and licensed CC BY-NC 3.0. tech trails eats
with Amazon Linux AMIseem to excludethiscrucial file when bundling up froman instance-store backed instance. This can cause problems down the road when you want to further customizeyour AMI. For example, Amazon has a 32-bit instance-store backed AMI in the us-east region with ID "ami-4b814f22". We launch an EC2 instance with this AMI, customize it, bundle it up using ec2-bundle-vol, and finally register the bundle. So we are now at, say, ami-12345678. We launch a new EC2 instance with ami-12345678, customize it again and then bundle up the new customization. But the ec2-bundle-vol http://vraidsys.com/2012/10/error-reading-certificate-file-amitools-cert-ec2.pem/ command will fail this timewith an error like this: error reading certificate file /opt/aws/amitools/ec2/etc/ec2/amitools/cert-ec2.pem: No such file or directory - /opt/aws/amitools/ec2/etc/ec2/amitools/cert-ec2.pem This looks like a bug in EC2 tools shipped by Amazon. An easy but tedious workaround is to launch an instance off the original Amazon AMI, i.e ami-4b814f22 and then copy over the cert-ec2.pem before running ec2-bundle-vol . This problem has been reported http://randomizedsort.blogspot.com/2012/01/ec2-bundle-vol-error-cert-ec2pem-no.html here. Hope Amazon will devise a fix soon to save users from this misery. Posted by YC at 6:46 PM Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest Labels: AWS No comments: Post a Comment Newer Post Older Post Home Subscribe to: Post Comments (Atom) Blog Archive ▼ 2012 (5) ► October (1) ► July (1) ► June (2) ▼ January (1) ec2-bundle-vol Error "cert-ec2.pem: No such file o... ► 2011 (20) ► December (1) ► November (3) ► October (4) ► August (1) ► July (3) ► June (1) ► May (2) ► March (2) ► February (3) ► 2010 (13) ► December (2) ► November (2) ► October (2) ► September (6) ► August (1) Popular Posts Using Guice-ified Jersey in Embedded Jetty Configuring Maven to Use a Local Library Folder Step-to-Step Guide to Programming Android SSL with Self-Signed Server Certificate Porting iptables 1.4.10 to Android Cassandra Range Query Using CompositeType Labels Android Java AWS Cassandra Cloud Guice JAX-RS Jersey Linux Maven SSL Jetty LBS Big-Data GPS JIRA System Programming Followers About Me YC Hacker by the Bay. View my complete profile Simple template. Powered by Blogge
scale your application to infinity while reducing IT-budget? Just kidding. As using the (increasingly hyped) cloud infrastructure indeed does make sense for some applications out there, http://blog.makandra.com/2010/04/how-to-create-an-image-from-a-running-amazon-ec2-instance/ some of our customers use it. A common task when working on Amazon EC2 is to launch instances (virtual machines for the old-fashioned) in order to get increased computing power, to add another slave for whatever, etc.. Of course you need some kind of image to boot your virtual machine - and you can't just drive past the Amazon datacenter in Dublin to insert your error reading Ubuntu CD somewhere. Ideally this image already includes the basic stuff you usually need. As we work with Ruby on Rails most of the time we need a Ruby interpreter, a bunch of gems we usually use, maybe a database server, Java run-time-environment for using Solr or Memcached. Additionally you might have some basic configuration like security-stuff, monitoring or SSH keys for your team. In order error reading certificate to create such an instance that includes your individual stuff, boot one of the offered basic AMIs at Amazon, do your configuration homework and follow the next steps to create your own private individual AMI: First of all you need the X.509 keys. Go to the AWS Management Console, click "Account" in the very upper menu line, "Security credentials", enter your login data and click on "X.509 Certificates" located in "Access Credentials". Copy these certificates to your instance: $ scp -i your_keyfile_for_the_instance.pem directory_where_both_x509_certs_are/*.pem root@$hostname.compute.amazonaws.com: Log into the instance and move the keys to a separate directory, as you want to exclude those keys from the image to be created: $ ssh into instance $ mkdir x509_certs $ mv *.pem x509_certs $ cd x509_certs Hints: ec2-bundle-image is very likely not what you want if you intend to create an AMI from a running instance, use ec2-bundle-vol (as described in the following) instead! To ensure you get a clean state of your machine, try to disable as much services (read: database, application server, etc.) as possible. Keep in mind that if you connect to an instance through an elastic IP, your SSH-connection will die if you disass