Install SSL certificate on Amazon Web Services
Amazon Web Services (AWS) offers reliable cloud computing services along with scalable, low-cost infrastructure. Organizations can set up new applications and virtual servers immediately as business demand requires. This short article explains how to install an SSL certificate on AWS (Amazon Web Services) using the Identity and Access Management (IAM) service.
Install SSL certificate to AWS:
- You receive the server certificate file from a certificate authority (CA), and you need to upload it to IAM (Identity and Access Management) along with the private key and the certificate chain.
- The certificate file that a CA sends is usually in .crt format, so you have to convert the files to PEM format. There will be three files: the server certificate, the private key and the certificate chain file.
- To convert the private key file, you can use the following OpenSSL command.
openssl rsa -in privatekey_filename.key -outform PEM
- To convert an individual certificate file, you can use the following OpenSSL command.
openssl x509 -inform PEM -in sslorintermediate_filename.cer
Note: When you specify file values such as the certificate body and the private key, the file name must start with file://.
- To upload the certificate, use the AWS command line interface (CLI) with the following command.
aws iam upload-server-certificate --server-certificate-name certificate_object_name --certificate-body file://public_key_certificate --private-key file://privatekey.pem --certificate-chain file://certificate_chain_file
Here “certificate_object_name” is a name of your own choosing for the certificate, one that is easy to remember.
- The SSL certificate file is now uploaded to AWS successfully.
- When you upload the certificate, IAM confirms the certificate details below.
  - The certificate must follow the X.509 PEM format.
  - The current date must be between the certificate's start and end dates.
  - Public/private certificate files should contain a single certificate.
  - The private key should match the certificate.
  - The private key must be in PEM format and must not be encrypted with a password.
- After uploading, you can run the command below to verify the SSL certificate.
aws iam get-server-certificate --server-certificate-name certificate_object_name
The output of the above command will look like:
arn:aws:iam::Your_AWS_Account_ID:server-certificate/Your_Certificate_Object_Name Certificate_Object_GUID
Here, the value containing Your_AWS_Account_ID is the unique Amazon Resource Name (ARN), and Certificate_Object_GUID is the ID of the certificate.
- To update the certificate for an HTTPS load balancer, use the ARN of the certificate in the following command.
aws elb set-load-balancer-listener-ssl-certificate --load-balancer-name my-loadbalancer --load-balancer-port 443 --ssl-certificate-id arn:aws:iam::123456789012:server-certificate/certificate_object_name
Here:
my-loadbalancer is the name of your load balancer.
In arn:aws:iam::123456789012, the number 123456789012 is Your_AWS_Account_ID.
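
The details IAM confirms on upload (PEM format, single certificate, matching unencrypted key, validity) can be checked locally before running upload-server-certificate. The script below is an added example, not part of the original article; its function names are hypothetical and the file names passed to it are placeholders. It tests the end date only and prints the start date for review.

```sh
#!/bin/sh
# Added example: local pre-upload checks. Function names are hypothetical.

# Number of PEM certificate blocks in a file (the upload expects exactly one).
count_certs() {
    grep -c -- '-----BEGIN CERTIFICATE-----' "$1" || true
}

# Succeeds only for a PEM private key that is not password-encrypted.
key_is_plain_pem() {
    grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$1" || return 1
    # PKCS#8 encrypted header, or the legacy "Proc-Type" encrypted header.
    if grep -q -e 'BEGIN ENCRYPTED PRIVATE KEY' -e 'Proc-Type: 4,ENCRYPTED' "$1"; then
        return 1
    fi
    return 0
}

# Succeeds when the certificate and the private key carry the same public key.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    # "-passin pass:" makes an encrypted key fail instead of prompting.
    key_pub=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) || return 1
    [ "$cert_pub" = "$key_pub" ]
}

# Succeeds when the certificate is readable and has not passed its end date.
cert_not_expired() {
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1
}

# Run every check, print each failure, return non-zero if any check failed.
preflight() {
    cert=$1; key=$2; rc=0
    [ "$(count_certs "$cert")" -eq 1 ] || { echo "FAIL: expected exactly one certificate in $cert"; rc=1; }
    key_is_plain_pem "$key" || { echo "FAIL: $key is not an unencrypted PEM private key"; rc=1; }
    cert_not_expired "$cert" || { echo "FAIL: $cert is expired or unreadable"; rc=1; }
    cert_matches_key "$cert" "$key" || { echo "FAIL: private key does not match certificate"; rc=1; }
    if [ "$rc" -eq 0 ]; then
        # Print subject and validity window so the start date can be reviewed.
        openssl x509 -in "$cert" -noout -subject -startdate -enddate
    fi
    return "$rc"
}

# Usage: sh preflight.sh server_certificate.pem privatekey.pem
if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```

Run it against the same files you pass as file:// values, and upload only when it exits with status 0.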