How to Install SSL Certificate on Amazon Web Services (AWS)

Steps to Install SSL Certificate on Amazon Web Services (AWS)

Amazon Web Services (AWS) offers a suite of cloud-computing services along with scalable, faster, and lower-cost management. Online Businesses can immediately organize and manages new applications and virtual servers as per their pre-defined requirements.

SSL/TLS certificate allows HTTPS SSL encryption connection to application or website on Amazon Web Services (AWS). AboutSSL.org will guide you on how to install an SSL certificate on Amazon Web Services (AWS) using IAM (Identity Access Management) services.

Step-by-Step Guide on Installing an SSL Certificate on Amazon Web Services (AWS)

Follow these 7 steps to installing an SSL certificate on Amazon Web Services (AWS).

Step 1: Upload Certificate Files on IAM

Once you complete the SSL buying process, a certificate authority sends a server certificate file via on registered email. Just upload it to the Identity Access Management (IAM) including the certificate chain and the private key.

Step 2: Covert Certificate Files into .PEM Format

The certificate authority sends a certificate files in the .crt format, you need to convert those files into .PEM format. The certificate files include the server certificate, private key, and the certificate chain file.

You can use the following OpenSSL command to convert a private key file.

openssl rsa -in privatekey_filename.key -outform PEM

You can use the following command in OpenSSL to convert an individual certificate file.

openssl x509 -inform PEM -in sslorintermediate_filename.cer

Remember: When you specify file values such as certificate body and private key, you should start the file name with “file://”.

Step 3: Upload Certificate Using AWS CLI via Command

AWS CLI (Command Line Interface) is used to upload the certificate, and you can use the following command for that,

aws iam upload-server-certificate –server-certificate-name certificate_object_name –certificate-body file://public_key_certificate –private-key file://privatekey.pem –certificate-chain file://certificate_chain_file

Where, “certificate_object_name” refers to an own name of the certificate for easy to remember.

Step 4: SSL Certificate Uploaded Successfully

You have successfully uploaded the SSL certificate file to Amazon Web Services (AWS).

Step 5: Confirm the Certificate Details

IAM will confirm the certificate details, once you upload a certificate.

The certificate file format must be followed X.509 PEM
The current certificate date should be between the start date and end date.
The public or private key certificate files should contain a single certificate.
The private key should be matched with the certificate.
The format of private key must be in PEM and should not have an encrypted password.

Step 6: Verify Your SSL Certificate

After successfully uploading, run the below command to verify your SSL certificate.

aws iam get-server-certificate –server-certificate-name certificate_object_name

The output of above code displays like,

arn:aws:iam::Your_AWS_Account_ID:server-certificate/Your_Certificate_Object_Name Certificate_Object_GUID

Where Your_AWS_Account_ID is a unique Amazon Resource Name (ARN) and Certificate_Object_GUID is the ID of the certificate.

Related: AWS - Alexa

Step 7: Update Certificate for HTTPS Load Balancer

Use ARN of the certificate to update the certificate for HTTPS load balancer by using the below command.

aws elb set-load-balancer-listener-ssl-certificate –load-balancer-name my-loadbalancer –load-balancer-port 443 –ssl-certificate-id arn:aws:iam::123456789098:server-certificate/certificate_object_name

Where my-loadbalancer is the name of your load balancer and Arn:aws:iam:: 123456789098 is Your_AWS_Account_ID

SSL Checker

https://www.websiteplanet.com/webtools/ssl-checker/

It will allow you to check your SSL certificate quickly and easily.

That’s it…!! You Have Done It!! 😊