Skip to content

Instantly share code, notes, and snippets.

@wojtekdmyszewicz

wojtekdmyszewicz/gist:5dfce532c7ceb973d300ccc65a0bdca3

Created July 12, 2019 18:36
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save wojtekdmyszewicz/5dfce532c7ceb973d300ccc65a0bdca3 to your computer and use it in GitHub Desktop.
Save wojtekdmyszewicz/5dfce532c7ceb973d300ccc65a0bdca3 to your computer and use it in GitHub Desktop.
Download ZIP
AWS loadbalancer SSL config
Raw
gistfile1.txt
# Request SSL certificate and configure AWS loadbalancer
## Request a ssl certificate (i.e. Comodo, Symantec)
1. openssl req -utf8 -nodes -sha256 -newkey rsa:2048 -keyout domainname_com.key -out domainname_com.csr
2. cat domainname_com.csr
3. request ssl
## Configure AWS loadbalancer
### PEM encode private key
1. openssl rsa -in ./domainname_com.key -outform PEM -out domainname_com.key.pem
2. cat domainname_com.key.pem
### PEM encode certificate
1. openssl x509 -in domainname_com.crt -outform pem -out ./pem/domainname_com.crt.pem
2. cat domainname_com.key.pem
### PEM encode root certificates
1. openssl x509 -in ./Root\ Certificates/AddTrustExternalCARoot.crt -outform pem -out ./pem/AddTrustExternalCARoot.crt.pem
2. openssl x509 -in ./Root\ Certificates/RSAAddTrustCA.crt -outform pem -out ./pem/RSAAddTrustCA.crt.pem
3. openssl x509 -in ./Root\ Certificates/RSAExtendedValidationSecureServerCA.crt -outform pem -out ./pem/RSAExtendedValidationSecureServerCA.crt.pem
### Create PEM encoded CAChain
1. cat ./pem/RSAExtendedValidationSecureServerCA.pem > ./pem/CAChain.pem
2. cat ./pem/RSAAddTrustCA.pem >> ./pem/CAChain.pem
3. cat ./pem/AddTrustExternalCARoot.pem >> ./pem/CAChain.pem
### Upload with AWS CLI or create it manualy in ACM
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment