openssl req -new -newkey rsa:2048 -nodes -keyout server-cert.key -out server-cert-sign-req.csr
# Country Name (2 letter code) [AU]:US
# State or Province Name (full name) [Some-State]:California
# Locality Name (eg, city) []:
# Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Great Corp Inc.
# Organizational Unit Name (eg, section) []:
# Common Name (eg, YOUR name) []:www.mycorpdomain.com
# Email Address []:[email protected]
#
# Please enter the following 'extra' attributes
# to be sent with your certificate request
# A challenge password []: <LEAVE THIS BLANK>
# An optional company name []: <LEAVE THIS BLANK>
- Upload server-cert-sign-req.csr to digicert as type "OTHER"
- Now wait for Digicert to tell you your cert is ready...
- Download certificate from digicert: "Other format" -> "A single .pem file containing all the certs"
In EC2 console:
- Create new load balancer
- Upload private key server-cert.key and public certificate .pem to amazon.
- Create an AWS load balancer in ec2 panel
- Step 1) Make a name and add Load Balancer Protocl HTTPS -> HTTP
- Step 2) Upload a new SSL Certificate. Private key is contents of server-cert.key, and Public Key Certificate is contents of .pem
- Use default config (ELBSample-ELBDefaultNegotiationPolicy)
In Route 53 console:
- Create an A record type point its Alias Target to the elastic load balancer created.
SSL certificates can be opaque and annoying. Give yourself a pat yourself on the back - even if it's not working yet - and take a break.
Cheers
thanks alot