Install your Comodo Certificates to Amazon AWS
AWS need that all your certificates are in PEM format.
Amazon AWS need:
- Your issued certificate
- Your private key
- The CAChain certificate that include all intermediate and Root CA certificate.
Comodo send you 4 certificates:
- AddTrustExternalCARoot.crt
- <your_issued_certificate_name>.crt: for instance yourdomain.crt in my case.
- COMODORSAAddTrustCA.crt
- COMODORSADomainValidationSecureServerCA.crt
Run the following commands:
1. cd /path/to/certificates/folder
2. mkdir pem
3. openssl x509 -in ./AddTrustExternalCARoot.crt -outform pem -out ./pem/AddTrustExternalCARoot.pem
4. openssl x509 -in ./COMODORSAAddTrustCA.crt -outform pem -out ./pem/COMODORSAAddTrustCA.pem
5. openssl x509 -in ./COMODORSADomainValidationSecureServerCA.crt -outform pem -out ./pem/COMODORSADomainValidationSecureServerCA.pem
6. openssl x509 -in ./yourdomain.crt -outform pem -out ./pem/yourdomain.pem
Convert the private key:
7. openssl rsa -in ./private.key -outform PEM -out ./pem/private.key.pem
Create a CAChain
8. cat ./pem/COMODORSADomainValidationSecureServerCA.pem > ./pem/CAChain.pem
9. cat ./pem/COMODORSAAddTrustCA.pem >> ./pem/CAChain.pem
10. cat ./pem/AddTrustExternalCARoot.pem >> ./pem/CAChain.pem
Upload
12. cd pem
12. aws iam upload-server-certificate --server-certificate-name CDNServerCertificate --certificate-body file://yourdomain.pem --private-key file://private.key.pem --certificate-chain file://CAChain.pem
Comments
Post a Comment