How to solve SSL Certificate not showing in AWS CloudFront

Most likely you already have an SSL Certificate in AWS Certificate Manager (ACM). Then when you go to configure it in CloudFront you cannot select the radio button that says Custom SSL Certificate (example.com) or your SSL Certificate does not show in the options.

The reason for this is that your SSL Certificate should be in the N. Virginia Region (us-east-1).

If you look closely on the words below the selection it says You can use a certificate stored in AWS Certificate Manager (ACM) in the US East (N. Virginia) Region, or you use a certificate stored in IAM.

This is also stated in the AWS CloudFront Documentation regarding the use of Alternate Domain Names and HTTPS.

Request or upload your SSL Certificate in AWS Certificate Manager in N. Virginia Region (us-east-1) and your SSL Certificate should show on the selection.

With this you can now use HTTPS to access your services when you are working with CloudFront.

How to solve Failed-Activating Windows in AWS EC2

Sometimes when I create a Windows EC2 Instance from one of my custom AMIs I get an activation failed Windows Server.

Follow the instruction below to Activate your Windows Instance. (For Windows Server 2016, 2019 and later only).

Activate Windows Manually using EC2Launch initialization script

Open Powershell on your Windows Server and run the command below.

C:\ProgramData\Amazon\EC2-Windows\Launch\Scripts\InitializeInstance.ps1; cscript "${env:SYSTEMROOT}\system32\slmgr.vbs" /ato

Notes:

  • No need to run Powershell in administrator mode.
  • No need to restart your instance. Once you run the above command, the Activate Windows on your desktop will disappear.
  • This will not update the local Administrator password

There are other ways to Activate Windows on your AWS EC2. You can check them all here.

Adding a Volume without Restart in Windows EC2

When I create Windows Instances in AWS EC2, I usually forget to add a drive or two. With this step-by-step tutorial, I will walk you through how to create a new Volume for EC2 Instances, then make Windows use the new Volume without a reboot.

  • Initial Setup
  • Creating and Attaching the Volume in AWS EC2 Console
  • Adding the new Volume to Windows System

Initial Setup

I launched a EC2 Windows 2016 Server with only 1 Block Device (/dev/sda1), which is also my Root Device.

AWS EC2 Console

Note the Availability Zone where your instance is located, you will need this later. Mine is in us-east-1a.

Looking inside Windows it only has 1 volume.

File Explorer
Disk Management

Creating and Attaching the Volume in AWS EC2 Console

Now we need to attach a new Volume for our Windows Server.

Go to AWS EC2 Console, on the left sidebar click on Volumes.

Continue reading Adding a Volume without Restart in Windows EC2

ESP8266 WebServer WiFi Access – Quick Setup

We will setup the ESP8266 to connect to your WiFi Network and then communicate with your computer over WiFi.

The goal is to setup the ESP8266 as a Web Server and for it to generate a random number that it will send via WiFi to a web browser.

Hardware

You will only need the following for this tutorial.

  • Adafruit Feather Huzzah with ESP8266
  • microUSB cable

You do not need to solder the pins of the Adafruit Feather HUZZAH ESP8266 since we will not wire anything to it.

Continue reading ESP8266 WebServer WiFi Access – Quick Setup

How to Get Lambda Runtime Region via Python

To get the AWS Region where your Lambda Function is running you will need to import the os module.

import os

Then from the os module, you need to get the value of AWS_REGION from the environ mapping variable. This will return the AWS Region where the Lambda Function is running.

runtime_region = os.environ['AWS_REGION']

Note: The way of getting the Runtime AWS Region of your Lambda Function is the same as when you get a Lambda Environment Variable.

Continue reading How to Get Lambda Runtime Region via Python

Creating a Public SSL/TLS Certificate in AWS Certificate Manager

If you plan to make the communication of your site visitors to be secure by using HTTPS then you need to use Public SSL/TLS Certificate. You can do this by requesting for a Public Certificate via AWS Certificate Manager (ACM).

Below are the advantages of using Public SSL/TLS Certificate provided by AWS Certificate Manager.

  • No charges = Free.
  • Auto renew – No need to worry on expiring SSL/TLS Certificate. ACM Automatically does this for you.
  • Easy integration with Amazon Web Services (AWS) products such as CloudFront, Elastic Load Balancer, API Gateway and many more.

Check the step-by-step guide on how you can request a Public SSL/TLS Certificate for HTTPS access of your website/domain.

Requesting for a Public SSL/TLS Certificate

Login to AWS Console and head to AWS Certificate Manager.

Note: AWS Certificate Manager is a regional service, therefore make sure to be in the correct AWS Region. If you are new to AWS just select N. Virginia (us-east-1) as it is one of the cheapest regions.

On the AWS Certificate Manager page, click on Get started.

On the next screen, make sure to select the Request a public certificate, then click on Request a certificate.

Under Add domain names. Enter the following.

*.[Your Domain]
Example:
*.chargedneutron.com
The * represents a wildcard. This will allow you to use the SSL Certificate to any subdomains that you want like www.domain.com, images.domain.com, sites.domain.com, mobile.domain.com
[Your Domain]
Example:
chargedneutron.com
Apex Domain or Naked Domain Name. Your domain name without subdomains. Use this if you do not want to use www in front of your website.

Then click on Next.

Select DNS Validation, then click on Review.

Continue reading Creating a Public SSL/TLS Certificate in AWS Certificate Manager

Using GoDaddy Domain in AWS Route 53

To easily GoDaddy Domains with Amazon Web Services (AWS) products such as Elastic Load Balancers, CloudFront, API Gateway, etc., you will need to associate your domain with AWS Route 53.

Follow the step-by-step tutorial below on how to associate your GoDaddy Domain to Amazon Route 53.

For the purpose of demonstration, I will be using my sample domain name – chargedneutron.com.

Setup AWS Route 53 Hosted Zone

Login to AWS Console and then go to Amazon Route 53.

On the welcome screen of Route 53, click on Get started now.

Amazon Route 53 Welcome Screen

Click on Create Hosted Zone.

Click again on Create Hosted Zone.

A sidebar will show asking for you to input the following details about your domain.

Domain Name:[Name of your Domain in GoDaddy] (Required)
Comment:[Put your comment here]
Type:Public Hosted Zone

Then click on Create.

You will then be redirected to the Hosted Zone Record Set page. Two entries are automatically created, NS and SOA Type.

Continue reading Using GoDaddy Domain in AWS Route 53

Adding a Secondary Active Directory Domain Controller on Windows Server 2016

After setting up an Active Directory (AD) on our Windows Server it is advisable to have another server to be a Secondary Active Directory Domain Controller to become the failover for Active Directory in case something happens to the first AD Server.

Below is a detailed tutorial on how to properly set up a Secondary Active Directory Domain Controller on Windows Server 2016.

Note

Primary refers to the first Windows Server that we setup Active Directory with.

Secondary refers to the the Second Windows Server we will set Active Directory. This is what we will setup here.

Here are the major steps that we need to do

Setup

Testing


Setup

Primary: Get the IP Address of the Primary Active Directory Domain Controller

Login to your Primary Active Directory Windows Server.

Right-click on the Window Icon on the bottom-left of the screen. Then click Command Prompt.

On the command prompt window type ipconfig then Enter.

Note the IPv4 Address. You will need this later on the Secondary Windows Server. Continue reading Adding a Secondary Active Directory Domain Controller on Windows Server 2016

Change Password for Active Directory Administrator on Windows Server 2016

The very first thing I do after installing Active Directory (AD) on Windows Server is to change the password of my AD Administrator. I do this because I use Amazon Web Services (AWS) EC2 as my servers and AWS automatically generates the password for my Windows Server.

The AD Administrator is a very powerful user for Active Directory as you can restrict or open capabilities to other users and computer, install/uninstall programs and can even shut down any member computer using the Admin user. That is why you should really keep your AD Administrator User password in a safe place.

Whatever the reason you have for wanting to change the password of your AD Administrator below is a step-by-step tutorial on how to change it.

Login to your Windows Server.

Click on the Window Icon on the bottom-left and click on Server Manager.

Click on Tools then Active Directory Users and Computers.

Click on the ‘>‘ sign beside your domain on the left sidebar. This will expand the tree. Continue reading Change Password for Active Directory Administrator on Windows Server 2016