How to Install an SSL/TLS Certificate In Amazon Web Services (AWS)

The following instructions will guide you through the SSL installation process on Amazon Web Services (AWS). If you have more than one server or device, you will need to install the certificate on each server or device you need to secure. If you still have not generated your certificate and completed the validation process, reference our CSR Generation Instructions before going through the steps below.

Because Amazon Web Services involves a variety of web hosting services, we highly recommend consulting Amazon’s documentation to fully understand generating/uploading/configuring your SSL. Because AWS allows for different server configurations, there will be no one size fits all solution for all users.

However, the following steps should allow you to install your SSL certificate in most cases.

What You’ll Need

1. Your server certificate

This is the certificate you received from the CA for your domain. You may have been sent this via email. If not, you can download it by visiting your Account Dashboard and clicking on your order.

2. Your intermediate certificates

These files allow the devices connecting to your server to identify the issuing CA. There may be more than one of these certificates. If you got your certificate in a ZIP folder, it should also contain the Intermediate certificates, which is sometimes referred to as a CA Bundle. If not, download the appropriate CA Bundle for your certificate.

3. Your private key

This file should be on your server, or in your possession if you generated your CSR from a free generator tool. On certain platforms, such as Microsoft IIS, the private key is not immediately visible to you but the server is keeping track of it

Installation Instructions

1. Convert the server certificate to PEM format

Enter the following command to convert the server certificate format to PEM:

openssl x509 -inform PEM -in my-certificate

2. Convert the intermediate(s) to PEM format

Enter the following command to convert the certificate chain:

openssl x509 -inform PEM -in my-certificate-chainEnter the following upload-server-certificate command in your AWS account:

3. Upload to your AWS account

Enter the following upload-server-certificate command in your AWS account:

aws iam upload-server-certificate –server-certificate-name my-server-cert –certificate-body file://my-server-certificate.pem –private-key file://my-private-key.pem –certificate-chain file://my-certificate-chain.pem

Note: If any errors occur, reference your AWS documentation.

4. Configure an HTTPS listener

This AWS documentation will walk you through how to configure an HTTPS listener for Your Classic Load Balancer.

Congratulations! You’ve successfully installed your SSL certificate! To check your work, visit the website in your browser at https://yourdomain.tld and view the certificate/site information to see if HTTPS/SSL is working properly. Remember, you may need to restart your server for changes to take effect.

Posted: January 18, 2018
SSL Retail SSL Retail support
Was this article helpful? Yes No


    Add comment

    To add a comment please sign up or login

    Supercharge Your Business with EV SSL

    EV SSL bring your business to new heights, we offer industries leading EV certificates at lowest prices. EV SSL product is highly secure and most trusted certificate which display your business name on the browser addressbar with secure padlock. Customers or website visitors can verify name, existance, operating status and domain control of the business by clicking on the trusted dynamic site seal. High warranty amount, mobile friendly, Anti-malware Scan and minimum issuance time make it a precious value. EV SSL also highly increase SEO ranking and performance of your business website.

    So Quickly Display Your Business Name in the SSL certificate
    With Easy Validation and 24x7 Support

    Join us! for Lowest Price and Highest Satisfaction

    Get Discounts, Offers and SSL Alerts