amazon web services - Terminating SSL at an AWS ELB instance -


i need terminate ssl @ aws elb instance. it/ops has provided me zip file following contents:

  • digicertca2.pem
  • trustedroot.pem
  • wildcard_example_com.crt
  • wildcard_example_com.csr
  • wildcard_example_com.key
  • wildcard_example_com.pem

(in reality domain not example.com; wildcard cert our own domain.)

according elb/ssl docs:

if have certificate ready upload, select upload new ssl certificate aws identity , access management (iam). enter name of certificate. in private key, copy , paste contents of private key file (pem-encoded). in public key certificate, copy , paste contents of public key certificate file (pem-encoded). in certificate chain, copy , paste contents of certificate chain file (pem-encoded), unless using self-signed certificate , it's not important browsers implicitly accept certificate.

however, i'm not sure cert "certificate chain file", or if necessary. believe these certs signed root/trusted ca (not self-signed).

i have no preference whether in web console or aws cli tool, but steps/actions need take specific files in order elb configured ssl?

first, don't through old iam service method, use new aws acm service manage certificate. acm service has nice web interface doing this.

the company got cert should able tell file chain file, , yes chain file required if want browsers see ssl certificate valid. did little searching , found this blog post discusses using digicert certificates aws. looks files follows:

  • wildcard_example_com.key = private key file
  • wildcard_example_com.crt = public key file
  • digicertca2.pem , trustedroot.pem combined = certificate chain

Comments

Popular posts from this blog

aws api gateway - SerializationException in posting new Records via Dynamodb Proxy Service in API -

asp.net - Problems sending emails from forum -