Installing SSL Certificates in Amazon Web Services

by on under aws
1 minute read

I recently had to install an SSL certificate on a couple of load balancers in Amazon Web Services (AWS). The certificate was a RapidSSL wildcard certificate. To create the certificate, I needed to first generate a Certificate Signing Request. The request result was the content of a pem file (this being the private key that needs to be kept secret), and the request itself. Once I’d entered that request on the purchase site and had been validated as authorized to create certificates for the site I was securing, I was send a file package with three files in it:

  • ServerCertificate.cer
  • CACertificate-1.cer
  • CACertificate-2.cer

Now I wanted to add the SSL certificate to AWS, but I got confused about what content to enter where in the AWS Console. The dialog to add a certificate looks like this:

The dialog for adding an SSL certificate

It turns out that the various files need to be handled as follows:

First, copy the content of the pem file into the Private Key field:

-----BEGIN RSA PRIVATE KEY-----
...A bunch of encoded information...
-----END RSA PRIVATE KEY-----

Then copy the content of the ServerCertificate.cer file into the Public Key Certificate field:

-----BEGIN CERTIFICATE-----
...A bunch of encoded information...
-----END CERTIFICATE-----

Finally, copy the content of the CACertificate-1.cer and CACertificate-2.cer files – in that order – into the Certificate Chain field:

-----BEGIN CERTIFICATE-----
...A bunch of encoded information from CACertificate-1.cer...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...A bunch of encoded information from CACertificate-2.cer...
-----END CERTIFICATE-----

And that’s it! Save, apply, and you’re good to go.

aws, ssl
comments powered by Disqus