Created
July 12, 2019 18:36
-
-
Save wojtekdmyszewicz/5dfce532c7ceb973d300ccc65a0bdca3 to your computer and use it in GitHub Desktop.
AWS loadbalancer SSL config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Request SSL certificate and configure AWS loadbalancer | |
## Request a ssl certificate (i.e. Comodo, Symantec) | |
1. openssl req -utf8 -nodes -sha256 -newkey rsa:2048 -keyout domainname_com.key -out domainname_com.csr | |
2. cat domainname_com.csr | |
3. request ssl | |
## Configure AWS loadbalancer | |
### PEM encode private key | |
1. openssl rsa -in ./domainname_com.key -outform PEM -out domainname_com.key.pem | |
2. cat domainname_com.key.pem | |
### PEM encode certificate | |
1. openssl x509 -in domainname_com.crt -outform pem -out ./pem/domainname_com.crt.pem | |
2. cat domainname_com.key.pem | |
### PEM encode root certificates | |
1. openssl x509 -in ./Root\ Certificates/AddTrustExternalCARoot.crt -outform pem -out ./pem/AddTrustExternalCARoot.crt.pem | |
2. openssl x509 -in ./Root\ Certificates/RSAAddTrustCA.crt -outform pem -out ./pem/RSAAddTrustCA.crt.pem | |
3. openssl x509 -in ./Root\ Certificates/RSAExtendedValidationSecureServerCA.crt -outform pem -out ./pem/RSAExtendedValidationSecureServerCA.crt.pem | |
### Create PEM encoded CAChain | |
1. cat ./pem/RSAExtendedValidationSecureServerCA.pem > ./pem/CAChain.pem | |
2. cat ./pem/RSAAddTrustCA.pem >> ./pem/CAChain.pem | |
3. cat ./pem/AddTrustExternalCARoot.pem >> ./pem/CAChain.pem | |
### Upload with AWS CLI or create it manualy in ACM |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment