@trshafer
Last active August 29, 2015 14:02
Upload ssl certificate to cloudfront

A successful SSL upload command to CloudFront using an SSL certificate signed by Comodo.

This is the CloudFront documentation: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/SecureConnections.html#CNAMEsAndHTTPS

Here's my successful command:

```bash
aws iam upload-server-certificate \
  --server-certificate-name myServerCertificate \
  --certificate-body file:///Users/..../from_comodo.pem \
  --private-key file:///Users/.../server.key.pem \
  --certificate-chain file:///Users/.../chain.pem \
  --path=/cloudfront/production/
```

Replace /Users/.... with the path to those files. And yes, keep the three slashes at the beginning (file:///).

RESPONSE:

```json
{
    "ServerCertificateMetadata": {
        "Path": "/cloudfront/production/",
        "Arn": "SOME_TEXT_HERE/myServerCertificate",
        "ServerCertificateId": "SOME_CERTIFICATE_ID",
        "ServerCertificateName": "myServerCertificate",
        "UploadDate": "2014-06-01T04:53:00.413Z"
    }
}
```

  1. I used Heroku's documentation to create the key and CSR file: https://devcenter.heroku.com/articles/ssl-endpoint
  2. Here's what I did: I put COMODORSADomainValidationSecureServerCA.crt first and COMODORSAAddTrustCA.crt second. I put this in a file I created called chain.pem. That is the --certificate-chain option.
  3. I ran `openssl x509 -in from_comodo.crt -out from_comodo.pem -outform PEM` on the crt that comes back from Comodo. That is the --certificate-body option.
  4. I put server.key in the --private-key option. I ran it through a PEM converter using openssl, but it generated the same file. So I think you can just append .pem to server.key or maybe just submit it as server.key.
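
A pre-upload check for the three files described in the steps above, as an added example that is not part of the original gist: it confirms the private key belongs to the certificate and that chain.pem is ordered from the issuing intermediate upward. The function name `check_cert_bundle` and its exit codes are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example (not from the gist): sanity-check the certificate body,
# private key and chain file before `aws iam upload-server-certificate`.
# Exit status: 0 = OK, 1 = key does not match certificate,
#              2 = chain empty or out of order, 3 = unreadable input.
# Chain links are matched by issuer/subject name hash only; signatures
# are not verified here.

check_cert_bundle() (
  cert=$1 key=$2 chain=$3
  tmp=$(mktemp -d) || exit 3
  trap 'rm -rf "$tmp"' EXIT

  # 1. The private key must carry the same public key as the certificate.
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || exit 3
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || exit 1
  [ "$cert_pub" = "$key_pub" ] || exit 1

  # 2. Split the chain file into one file per certificate, in file order.
  awk -v d="$tmp" '/-----BEGIN CERTIFICATE-----/ { n++ }
       n { print > (d "/" n ".pem") }' "$chain"
  [ -f "$tmp/1.pem" ] || exit 2

  # 3. Walk the chain: each certificate's subject must equal the issuer of
  #    the certificate before it, starting from the server certificate.
  expected=$(openssl x509 -in "$cert" -noout -issuer_hash)
  i=1
  while [ -f "$tmp/$i.pem" ]; do
    subject=$(openssl x509 -in "$tmp/$i.pem" -noout -subject_hash)
    [ "$subject" = "$expected" ] || exit 2
    expected=$(openssl x509 -in "$tmp/$i.pem" -noout -issuer_hash)
    i=$((i + 1))
  done
  exit 0
)
```

Run it as `check_cert_bundle from_comodo.pem server.key.pem chain.pem` and inspect `$?` before uploading.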