AWS CloudFront 表示 public 键是 invalid/out 限制
AWS CloudFront says public key is invalid/out of limits
我正在尝试在 AWS CloudFront 上上传 public 密钥。我生成密钥如下
ssh-keygen -t ecdsa -b 521
我也试过了
ssh-keygen -b 4096
当我通过控制台上传时,出现以下错误:com.amazonaws.services.cloudfront.model.InvalidArgumentException:您的请求包含 empty/invalid/out 个限制的 RSA 编码密钥(服务:AmazonCloudFront;状态代码:400;错误代码: InvalidArgument; 请求 ID: 08fa98af-0c02-11ea-b06e-d771d01bbfcb)
ssh -V的结果是"OpenSSH_7.7p1, OpenSSL 1.0.2p 14 Aug 2018"。
如有任何帮助,我们将不胜感激。谢谢。
我是这样生成密钥解决的:
openssl genrsa -out key.pem
openssl rsa -pubout -in key.pem -out pubkey.pem
并上传结果 pubkey.pem。我仍然不确定我以前的方法不起作用的具体原因。
这是因为 CloudFront 不支持长度为 4096 位的密钥。
当您 运行 命令 openssl rsa -pubout -in key.pem -out pubkey.pem 它默认生成它接受的 2048 位密钥。
The length of the public key for a certificate depends on where you're storing it.
Importing a certificate into AWS Certificate Manager (ACM): public key length must be 1024 or 2048 bits. The limit for a certificate that you use with CloudFront is 2048 bits, even though ACM supports larger keys.
Uploading a certificate to the AWS Identity and Access Management (IAM) certificate store: maximum size of the public key is 2048 bits.
我正在尝试在 AWS CloudFront 上上传 public 密钥。我生成密钥如下
ssh-keygen -t ecdsa -b 521
我也试过了
ssh-keygen -b 4096
当我通过控制台上传时,出现以下错误:com.amazonaws.services.cloudfront.model.InvalidArgumentException:您的请求包含 empty/invalid/out 个限制的 RSA 编码密钥(服务:AmazonCloudFront;状态代码:400;错误代码: InvalidArgument; 请求 ID: 08fa98af-0c02-11ea-b06e-d771d01bbfcb)
ssh -V的结果是"OpenSSH_7.7p1, OpenSSL 1.0.2p 14 Aug 2018"。
如有任何帮助,我们将不胜感激。谢谢。
我是这样生成密钥解决的:
openssl genrsa -out key.pem
openssl rsa -pubout -in key.pem -out pubkey.pem
并上传结果 pubkey.pem。我仍然不确定我以前的方法不起作用的具体原因。
这是因为 CloudFront 不支持长度为 4096 位的密钥。
当您 运行 命令 openssl rsa -pubout -in key.pem -out pubkey.pem 它默认生成它接受的 2048 位密钥。
The length of the public key for a certificate depends on where you're storing it.
Importing a certificate into AWS Certificate Manager (ACM): public key length must be 1024 or 2048 bits. The limit for a certificate that you use with CloudFront is 2048 bits, even though ACM supports larger keys.
Uploading a certificate to the AWS Identity and Access Management (IAM) certificate store: maximum size of the public key is 2048 bits.