How to Install SSL Certificate on Amazon Web Services (AWS)

Steps to Install SSL Certificate on Amazon Web Services (AWS)

SSL/TLS certificate allows HTTPS SSL encryption connection to application or website on Amazon Web Services (AWS).  AboutSSL.org will guide you on how to install an SSL certificate on Amazon Web Services (AWS) using IAM (Identity Access Management) services.

Step-by-Step Guide on Installing an SSL Certificate on Amazon Web Services (AWS)

• Step 1: Upload Certificate Files on IAM
• Step 2: Covert Certificate Files into .PEM Format
• Step 3: Upload Certificate Using AWS CLI via Command
• Step 4: SSL Certificate Uploaded Successfully
• Step 5: Confirm the Certificate Details
• Step 6: Verify Your SSL Certificate
• Step 7: Update Certificate for HTTPS Load Balancer

Step 1: Upload Certificate Files on IAM

Step 2: Covert Certificate Files into .PEM Format

• You can use the following OpenSSL command to convert a private key file.

openssl rsa -in privatekey_filename.key -outform PEM

• You can use the following command in OpenSSL to convert an individual certificate file.

openssl x509 -inform PEM -in sslorintermediate_filename.cer

Remember: When you specify file values such as certificate body and private key, you should start the file name with “file://”.

Step 3: Upload Certificate Using AWS CLI via Command

aws iam upload-server-certificate –server-certificate-name certificate_object_name –certificate-body file://public_key_certificate –private-key file://privatekey.pem –certificate-chain file://certificate_chain_file

Where,

“certificate_object_name” refers to an own name of the certificate for easy to remember.

Step 4: SSL Certificate Uploaded Successfully

Step 5: Confirm the Certificate Details

• The certificate file format must be followed X.509 PEM
• The current certificate date should be between the start date and end date.
• The public or private key certificate files should contain a single certificate.
• The private key should be matched with the certificate.
• The format of private key must be in PEM and should not have an encrypted password.

Step 6: Verify Your SSL Certificate

aws iam get-server-certificate –server-certificate-name certificate_object_name

The output of above code displays like,

arn:aws:iam::Your_AWS_Account_ID:server-certificate/Your_Certificate_Object_Name Certificate_Object_GUID

Where,

Your_AWS_Account_ID is a unique Amazon Resource Name (ARN)

Certificate_Object_GUID is the ID of the certificate.

Step 7: Update Certificate for HTTPS Load Balancer

aws elb set-load-balancer-listener-ssl-certificate –load-balancer-name my-loadbalancer –load-balancer-port 443 –ssl-certificate-id arn:aws:iam::123456789098:server-certificate/certificate_object_name

Where,

my-loadbalancer is the name of your load balancer.

Arn:aws:iam:: 123456789098 is Your_AWS_Account_ID

That’s it…!! You Have Done It!!

You can test your SSL configuration on our SSL Checker Tool that will give you the certificate installation details like SSL algorithm type, server type, key size, serial number, certificate issuer name, about your SSL certs and will let you about certificate installation status.

Resources and Other Installation Guides

• Load Balancer with an HTTPS Listener
• How to Install SSL Certificate on Red Hat Linux?
• How to Install SSL Certificate on Ubuntu Server using Apache?
• How to Insatll SSL Certificate on Node.js?

95%
OFF