@vavasilva
Last active May 10, 2023 13:31
Updating an SSL Certificate in AWS ACM with a multi-layer .pem and .key file

If you have a .pem (Privacy Enhanced Mail) and .key file, you can update an SSL certificate in AWS using the AWS Certificate Manager (ACM). Here are the steps you need to follow:

  1. Access the AWS Console and navigate to AWS Certificate Manager.
  2. Select the region where you want to manage your certificate.
  3. On the ACM page, click 'Provision certificates' and then 'Get started' under 'Import a certificate'.
  4. On the import page, you need to fill in three fields: Certificate body, Certificate private key, and Certificate chain.

If your .pem file includes three distinct parts (usually identified by "BEGIN CERTIFICATE" and "END CERTIFICATE" for each certificate), it contains the server certificate (your own certificate), followed by the intermediate certificate chain.

5. In the 'Certificate body' field, copy and paste only the first block of your .pem file, which corresponds to your server certificate.

6. In the 'Certificate private key' field, copy and paste the content of your .key file.

7. In the 'Certificate chain' field, copy and paste the remaining blocks of your .pem file, which correspond to the intermediate certificate chain. If you don't have a chain certificate file, you can leave this field blank.

8. After filling in these fields, click 'Review and import'.

9. If everything is correct, click 'Import' to import the certificate.

Remember that you need to have suitable IAM permissions to perform these operations. If you encounter any problems, check whether your certificate and private key are in the correct format and whether you have the correct permissions to access ACM.

Also, keep in mind that after importing the certificate, you will have to update any service that was using the old certificate to use the new imported certificate.
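
The split described in steps 5 and 7 can be done programmatically instead of by hand. The following is an added example, not part of the original gist: it separates a multi-block .pem into the 'Certificate body' and 'Certificate chain' values and refuses a bundle that also contains private key material. The function names and the sample data are assumptions made for illustration.

```python
import re

# Matches one PEM block of any type, e.g. CERTIFICATE or RSA PRIVATE KEY.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----",
    re.DOTALL,
)


def split_bundle(pem_text):
    """Return (certificate_body, certificate_chain) from a multi-block .pem.

    The first CERTIFICATE block is the server certificate; the remaining
    blocks, in file order, form the chain. The chain is "" when the file
    holds a single certificate.
    """
    certs = []
    for match in PEM_BLOCK.finditer(pem_text):
        label = match.group(1)
        if "PRIVATE KEY" in label:
            # Key material belongs only in the 'Certificate private key' field.
            raise ValueError("bundle contains a private key block: " + label)
        if label != "CERTIFICATE":
            raise ValueError("unexpected PEM block: " + label)
        # Normalise line endings so the pasted text is clean.
        body = match.group(2).replace("\r\n", "\n").strip()
        certs.append(
            f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----\n"
        )
    if not certs:
        raise ValueError("no CERTIFICATE block found")
    return certs[0], "".join(certs[1:])


def fake_block(label, marker):
    # Constructed placeholder, not a real certificate or key.
    return f"-----BEGIN {label}-----\n{marker * 16}\n-----END {label}-----\n"


# Constructed sample: server certificate followed by two chain certificates.
SAMPLE = "".join(fake_block("CERTIFICATE", m) for m in ("AAAA", "BBBB", "CCCC"))

if __name__ == "__main__":
    body, chain = split_bundle(SAMPLE)
    print("Certificate body:\n" + body)
    print("Certificate chain:\n" + chain)
```

The first returned string goes into 'Certificate body' and the second into 'Certificate chain'; the .key file content still goes into 'Certificate private key' unchanged.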
