Summary
Uploading a SSL certificate in AWS is required when setting up a HTTPS load balancer or a cloudfront bucket with HTTPS support. The certificate format required by AWS is likely to differ a little bit from what an SSL provider will give you. This article explains how to convert your SSL certificate into to the format expected by AWS
...
.
...
Table of Contents | ||
---|---|---|
|
...
1 - What you need
SSL Providers (like GoDaddy) usually provide three things when generating a SSL certificate:
- somedomain.key: this is the private key
- somedomain.crt: this is the public certificate
- provider_bundle.crt: this is the SSL provider bundle (public certificate signing your SSL certificate)
...
On the other side, AWS expects three things:
- Private Key in pem format
- Public Key Certificate in pem format
- Certificate chain in pem format: this is the bundle provided by your provider
...
2 - Installing the certificate on the ELB
Warning | ||
---|---|---|
| ||
You need to have openssl installed on your computer |
...
Code Block | ||
---|---|---|
| ||
openssl rsa -in somedomain.key -outform PEM -out somedomain.key.pem |
That's pretty much it!
Now upload the content of each file as directed:
- Upload content of somedomain.key.pem to Private Key
- Upload content of somedomain.crt to Public Key Certificate
- Upload content of provider_bundle.crt to Certificate Chain
...
Example below while setting up a AWS Load Balancer:
3. Import the certificate in AWS Certificate Manager
Open the ACM console at https://console.aws.amazon.com/acm/home.
Either import a new certificate or select the one to renew and choose "Reimport"
When reimporting a renewed certificate all associated resources (ELB, ...) are automatically updated.