(8 votes, average: 4.50 out of 5)
Loading...A step-by-step guide to help you install an SSL certificate on your AWS EC2 Instance
If you’re wondering how to install an SSL certificate on an AWS EC2 instance, you’ve come to the right place. We will begin by looking at some prerequisites that need to be satisfied before getting started with the actual AWS SSL certificate installation process.
Secure a Website in Few Clicks – Save Up to 79%
Save 79% on Sectigo SSL Certificates. It includes unlimited server licenses, reissuances, 256-bit encryption, and more.
Prerequisites: What to Do Before Installing an AWS SSL Certificate on EC2
You need to have certain files available before you can install an SSL certificate on the AWS EC2 instance. Please go through the checklist below to ensure you have everything that’s needed before we proceed to the next step:
- Server certificate: This is the SSL certificate that was shared by the CA, possibly via your registered email.
- Intermediate certificates: These were, in all probability, sent to you along with your server cert when and if you received the certificate in a zip folder. If not, you can always download the CA Bundle for your certificate.
- Private key: This key should be under your charge or on the server (where you generated the certificate signing request).
Once you have these files, they must be PEM encoded before they can be uploaded onto your AWS account.
How to Convert Your AWS SSL Certificate to PEM-Encoded Format for EC2
The certificates received from the CA with a “.crt” extension can be converted to PEM format (if they come with any other encoding formats like DER). This process can be done either by using an online conversion tool or by using the OpenSSL library.
Example PEM-encoded certificate:
—–BEGIN CERTIFICATE—–
Base64-encoded certificate
—–END CERTIFICATE—–
Note: The OpenSSL library can also be used to convert certificate files from other formats such as pkcs#7, pfx, etc.
To do this, run the following command to convert the server certificate format to PEM format:
openssl x509 -inform DER -in my-certificate.crt -out my_certificate.pem -outform PEM
Execute the command below to convert the certificate chain to PEM format:
openssl x509 -in my-certificate-chain.crt -out my_certificate-chain.pem -outform PEM
Upload the Certificate to AWS Using CLI
For those of you comfortable using the command line interface (CLI), run the command below, modifying it as required, with your certificate files.
Enter the following command in your AWS account to install your SSL certificate on the AWS EC2 instance:
aws iam upload-server-certificate –server-certificate-name myServerCertificate –certificate-body file://public_key_cert_file.pem –private-key file://my_private_key.pem –certificate-chain file://my_certificate_chain_file.pem
Alternatively, you can follow the instructions in the next section to upload your certificates if you want to avoid using the command line interface.
5 Steps to Install SSL Certificate on AWS EC2 Instance
Follow the steps below to upload the certificate to your AWS account:
- Open the AWS Management Console and log in.
- Click on Services > Compute > EC2 > Load Balancers to select your load balancer from the navigation pane.
- On the Listeners tab, click on Edit and then select Add and for the protocol choose HTTPS.
- Under the SSL certificate option, click on Change and from the Certificate type list choose the Upload a new SSL certificate to AWS Identity and Access Management (IAM) option.
- Enter the certificate name, paste the content of the respective certificate files (ensure that they are PEM encoded), and click on Save.
Save 79% on SSL Security Certificates!
Get the lowest prices on trusted SSL certificates from Sectigo. It starts from $8.78/Year only
Shop Now