[cs615asa] Some questions about env setup and X.509 certificate
hchen29 at stevens.edu
Fri Jan 30 01:45:54 EST 2015
On 01/29/2015 10:30 PM, Julian Sexton wrote:
>>>> If you use the linux-lab to do these work, you do not need to do
>>>> preperations. The aws tools have been installed on the linux-lab
>>>> system. That's the reason why you do not need to configure the
>>>> environment variables. But if you do that on your personal computer,
>>>> you should follow those steps. The certificate and the private key,
>>>> I think, are used to make sure you are the person who is allowed to
>>>> use the AWS service. If you do not have the certification, you
>>>> cannot use Amazon Web Service; in specific, you cannot use "aws"
>>>> command to deploy your instances. The aws configure asks you to
>>>> enter your access key, that does the same work.
> Just to confirm, this assignment does require an amazon account,
> right? I actually went through the entire setup process, with private
> keys, certificates, aws configure, etc, on the linux lab, so I'm
> still trying to figure out how much of this was unnecessary (and how
> much I need to undo to get it to use the school's account). As far as
> I can tell, "aws configure" needs information (key + id) from an
> amazon account (and I can't seem to find a way to unconfigure to test
> it), but how does it verify against that key and the school's
> certificate (two different owners)? Or does it just pick one of the
> two and verify that?
A good question. X.509 and Access keys are two different security
policies for different uses. X.509 is the asymmetric key
cryptography--RSA, while Access Keys is symmetric key cryptography. The
details of when to use the X.509 and Access keys can be got from this
Here is a funny thing you can see from that website. It is said that the
EC2 CLI should use X.509. That's the reason why you need to setup the
CLI and configure the environment variables, if you want to use the CLI
on your personal computer. However, if you use the installed tools on
linux-lab, you need to type your Access keys and Security Access Keys
when you use the command "aws configure". Attention, it's not X.509!
Why? They are two differnt tools!
> cs615asa mailing list
> cs615asa at lists.stevens.edu
More information about the cs615asa