Skip to content

Instantly share code, notes, and snippets.

@keremtiryaki

keremtiryaki/howTo.md

Last active March 30, 2016 15:21
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save keremtiryaki/e781802d1e4b7fd126a1 to your computer and use it in GitHub Desktop.
Save keremtiryaki/e781802d1e4b7fd126a1 to your computer and use it in GitHub Desktop.
Download ZIP
how to create a self signed certificate and upload to AWS
Raw
howTo.md

####how to create a self signed certificate and upload to AWS AMI

openssl genrsa -out my-private-key.pem 2048
openssl req -sha256 -new -key my-private-key.pem -out csr.pem

You will be asked with these questions ( more info: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html )

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:TEXAS
Locality Name (eg, city) []:AUSTIN
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ACOMPANY
Organizational Unit Name (eg, section) []: (optional)
Common Name (e.g. server FQDN or YOUR name) []: subname.domain.com
Email Address []: name@domain.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: (optional)
An optional company name []: (optional)

To create a self-signed certificate, use the following command:

openssl x509 -req -days 365 -in csr.pem -signkey my-private-key.pem -out my-certificate.pem

Create chain

openssl x509 -inform PEM -in my-certificate.pem > my-certificate-chain.pem

Upload

aws iam upload-server-certificate --server-certificate-name testcer --certificate-body file://my-certificate.pem --private-key file://my-private-key.pem --certificate-chain file://my-certificate-chain.pem

show list

aws iam list-server-certificates

Delete

aws iam delete-server-certificate --server-certificate-name testcer
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment