Can't add SSL listener, Server Certificate not found for the key

Solution 1:

I faced the same problem when trying to create the ELB from the web console. I was trying to upload a new certificate there via the GUI and it was finally failing with the same error. I solved it by uploading the certificate files separately via the AWS CLI. It is explained in this doc - http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html#upload-cert

Upload the certificate, private key and certificate chain like this

aws iam upload-server-certificate --server-certificate-name my-server-cert \
  --certificate-body file://my-certificate.pem --private-key file://my-private-key.pem \
  --certificate-chain file://my-certificate-chain.pem

And then go to the web console and choose the option "Choose an existing certificate from AWS Identity and Access Management (IAM)" and choose the certificate pair that was just uploaded. It will work fine after that.

Solution 2:

The error is misleading. It does upload the cert. Once you receive that error, exit, then go back to change. Choose existing IAM certificate and click on the drop-down -- you should see the new cert there.


Solution 3:

I had the same issue but thankfully managed to resolve it without having to hit the CLI. I got the ELB to add an HTTPS listener by pasting the certificate chain in the public key certificate field, after the certificate itself.

The error only manifested when the certificate chain was pasted into its own certificate chain input box in the console (marked optional). Not really sure why this made a difference but it created the HTTPS listener on the ELB and all was good.


Solution 4:

It was due to a special character in the certificate name: . (dot) in my case. Everything worked fine after removing all dots from the certificate name.


Solution 5:

I just hit this, too. Tried five times to create a new ELB and it failed every time. Never tried the API variant, but I managed to set the SSL certificate by

  1. First creating the ELB; then
  2. modifying the listener by changing from HTTP to HTTPS and uploading my certificate+key+intermediates.
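
Solutions 1 and 2 both end with attaching a certificate that already exists in IAM. The following added example (not part of any answer above) scripts that order with the AWS CLI: upload, poll until IAM returns the certificate, then add the HTTPS listener. The load balancer name `my-lb`, the ports, and the `CERT_WAIT_TRIES` / `CERT_WAIT_DELAY` settings are assumptions.

```shell
#!/bin/sh
# Added example: upload to IAM, confirm IAM returns the certificate, then
# attach the HTTPS listener. Names, ports and retry settings are assumptions.

# Print the certificate ARN once IAM returns it; non-zero if it never appears.
wait_for_server_cert() {
  wc_name=$1; wc_tries=${2:-10}; wc_delay=${3:-3}; wc_i=1
  while [ "$wc_i" -le "$wc_tries" ]; do
    # Pause between attempts, not before the first one.
    if [ "$wc_i" -gt 1 ]; then sleep "$wc_delay"; fi
    if wc_arn=$(aws iam get-server-certificate \
          --server-certificate-name "$wc_name" \
          --query 'ServerCertificate.ServerCertificateMetadata.Arn' \
          --output text 2>/dev/null) && [ -n "$wc_arn" ]; then
      printf '%s\n' "$wc_arn"
      return 0
    fi
    wc_i=$((wc_i + 1))
  done
  echo "certificate '$wc_name' not returned by IAM after $wc_tries attempts" >&2
  return 1
}

# Upload cert, key and chain (same command as Solution 1), then add the listener.
# Args: <load-balancer> <cert-name> <cert.pem> <key.pem> <chain.pem>
upload_and_attach() {
  ua_lb=$1; ua_name=$2
  aws iam upload-server-certificate --server-certificate-name "$ua_name" \
    --certificate-body "file://$3" --private-key "file://$4" \
    --certificate-chain "file://$5" >/dev/null || return 1
  ua_arn=$(wait_for_server_cert "$ua_name" \
    "${CERT_WAIT_TRIES:-10}" "${CERT_WAIT_DELAY:-3}") || return 1
  # Listener values (443 -> HTTP:80) are assumptions; adjust to your backend.
  aws elb create-load-balancer-listeners --load-balancer-name "$ua_lb" \
    --listeners "Protocol=HTTPS,LoadBalancerPort=443,InstanceProtocol=HTTP,InstancePort=80,SSLCertificateId=$ua_arn"
}

# Usage (requires AWS credentials with IAM and ELB permissions):
# upload_and_attach my-lb my-server-cert my-certificate.pem \
#   my-private-key.pem my-certificate-chain.pem
```

Keep the private key file readable only by the account running the upload, and remove local copies once IAM holds the certificate.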