Configuring SSL for Amazon Snowball and Amazon Snowball Edge
To configure SSL for Amazon Snowball
- Ensure that the entries in the
/.aws/snowball/config/snowball-adapter.configfile are correct. Especially, ensure that the host name is set. - Start the adapter. Following is a sample command:
./snowball-adapter -i Snowball IP address -m path to manifest file -u 29 character unlock code --ssl-enabled --aws-secret-key key
- Self-signed SSL certificate and key are generated in the
/.aws/snowball/config/directory. - Append the certificate provided to the Amazon Snowball adapter on the command line as it is to
/usr/openv/var/global/cloud/cacert.pemfile on the media server. Ensure that the format and length of the newly copied certificate matches with the existing certificates incacert.pem.
To configure SSL for Amazon Snowball Edge
- Lists the certificates available for use. Run the following Amazon Snowball client command:
./snowballEdge list-certificates
- Obtain the certificate. Run the following Amazon Snowball client command:
./snowballEdge get-certificate --certificate-arn arn_value
- Append the certificate provided on the command line as it is to
/usr/openv/var/global/cloud/cacert.pemfile on the media server. Ensure that the format and length of the newly copied certificate matches with the existing certificates incacert.pem.Note:
Ensure that you do not change the file permission and ownership of the
cacert.pemfile.