Getting Started with SQS
First, you'll need a regular Amazon.com account. This can be the same account that you use when shopping on Amazon for books, CDs, or other products.
Second, you need to sign up for Amazon Web services by pointing your browser to the Amazon Web services home page
. This signup gives you access to all the various Amazon Web services such as Amazon Storage Service, Amazon Mechanical Turk, Amazon Elastic Cloud, Alexa Web service, Amazon Historical Pricing, and of course Amazon Simple Queue Service (Amazon SQS). Some of these services are free; unfortunately Amazon SQS is not
a free service.
Third, you need to specifically sign up for the Amazon SQS service
. Because this is a paid service you will need to supply a credit card so Amazon can charge for the messages you send and storage you use.
Finally, you need to get an access identifier from Amazon.com. These are the unique credentials that help Amazon identify you, when you use their various Web services. You have an option of using either of two identifier types: Access Key Identifiers or X.509 certificates. Access Key Identifiers consist of Access Key ID and Secret Access Key strings that Amazon generates. X.509 certificates are certificate files provided by Amazon that contain X.509 public and private keys. Because Amazon was not forthcoming on the subject of using Access Key Identifier identifiers with Microsoft's C# platform, this article and the examples rely on X.509 Certificates.
You can get Amazon to generate your X.509 certificate via the "View Access Identifiers" link to "AWS Access Identifiers" page from the Amazon Web services home page
|Author's Note: The "View Access Identifier" link appears on a pop-up menu when you hover your mouse over the "Your Web Services Account" link in the top-right-corner of the home page.
Have Amazon.com create a new X.509 certificate, and then download both the public key file (cert-xxxxxx(AWS Thumb print)xxxxxxxx.pem
) and the private key file (pk-xxxxxx(AWS Thumb print)xxxxxxxx pem
) to a local C:\HyperScale\Keys
Extracting the PKCS12 Certificate
|Warning: While you can re-download the public certificate from Amazon if necessary, Amazon does not save the private key file, so store it securely. If you lose your private key file, you will need to re-generate your certificate.
Extracting the X.509 certificate from the cert-xxxxxx(AWS Thumb print)xxxxxxxx.pem
file requires a bit of effort.
Microsoft Windows and the C# environment expect to get X.509 certificates in PKCS12 format. This mean you need to convert the provided cert-xxx.pem
files to PKCS12 format. There are number of tools that can do this. While Amazon.com recommends Cygwin's OpenSSL tool, I recommend you use the Windows-based OpenSSL tool, which you can download here
|Figure 1. Installing PKCS12 Certificate: Right-clicking the .p12 file you created by converting the two X-509 certificate files from Amazon to PKCS12 format launches the Windows Certificate Import Wizard.|
Save and extract the openssl-0.9.7c-bin.zip
file from the download to a C:\OpenSSL
folder. Switch to that folder, open a command prompt, and execute the following commands to create an AWSCertificate.p12
certificate file in PKCS12 format in your C:\HyperScale\Keys
When OpenSSL launches, you'll see an OpenSSL prompt. Enter the following command at the prompt on a single line.
Installing the Certificate
OpenSSL> pkcs12 --export
--inkey pk-xxxxxx(AWS Thumbprint)xxxx.pem
--in cert-xxxxx(AWS Thumbprint)xxxx.pem
--out AWSCertificate.p12 -nodes
After you finish creating the AWSCertificate.p12
file discussed in the preceding section, navigate to the c:\HyperScale\Keys folder, right click on the file and select Install PFX. This will start the Windows Certificate Import Wizard as shown in Figure 1
. Follow the wizard's instructions, installing the certificate using the name "AWS Customer."
|Author's Note: Important! Remember the password you use when you install the certificate, because you will need this password when the certificate is used in your application.