How to install a Thawte SSL certificate on Amazon Elastic Load Balancer?

  1. Certificate name is your choice - it is just to identify the certificate later
  2. Private Key is the key (PEM, base-64) you generated when you created your CSR - you will copy and paste the entire file into the field, from -----BEGIN RSA PRIVATE KEY----- to -----END RSA PRIVATE KEY----- (inclusive).
  3. Public Key is the PEM encoded, base-64 version of what you obtained from Thawte (X.509). Copy the contents of the X.509 into a text editor (e.g. vi), save it with a .cer extension. Use OpenSSL to display it in the needed format:

    openssl x509 -inform DER -in yourfilefromthawte.cer
    

    Copy and paste the output from -----BEGIN CERTIFICATE----- to -----END CERTIFICATE----- (inclusive) into the field.

  4. Certificate Chain is the Thawte CA bundle that you can download from their site. For Thawte's SSL Web Server and Wildcard certificates (may be different if you have a different certificate type), their CA bundle is available from their site. (Download the 'Bundled CA version'; it is already in PEM format. Copy and paste the entire file (both certificates) into the field.)

Check out this AWS thread for more information (although that is Verizon specific, the basic ideas apply).
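
A pre-upload check for the fields described in the answer above, as an added example that is not part of the original answer or thread: it emits the certificate as PEM whether the saved file is PEM or DER, confirms the private key and the certificate carry the same public key, and counts the certificates in the chain bundle. The function names and file arguments are placeholders chosen here; the `openssl` command-line tool is assumed to be installed.

```shell
#!/bin/sh
# Added example: pre-upload checks for the ELB certificate fields.
# File names passed in are placeholders; requires the openssl CLI.

# Emit a certificate as PEM whether the saved file is PEM or DER.
cert_to_pem() {
    if grep -q -- '-----BEGIN CERTIFICATE-----' "$1"; then
        openssl x509 -in "$1"
    else
        openssl x509 -inform DER -in "$1"
    fi
}

# Succeed only if the private key and the certificate carry the same public key.
# Each extraction must succeed on its own, so two unreadable files never "match".
# Only public key material is compared; the private key is never printed.
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    cert_pub=$(cert_to_pem "$2" 2>/dev/null | openssl x509 -noout -pubkey 2>/dev/null) || return 2
    [ -n "$key_pub" ] && [ "$key_pub" = "$cert_pub" ]
}

# Count the certificates in a PEM bundle (the Certificate Chain field).
pem_cert_count() {
    grep -c -- '-----BEGIN CERTIFICATE-----' "$1"
}

# Usage: sh check_elb_fields.sh private.key certificate.cer ca-bundle.pem
if [ "$#" -eq 3 ]; then
    if key_matches_cert "$1" "$2"; then
        echo "OK: private key matches certificate"
    else
        echo "FAIL: key and certificate do not match, or a file is unreadable" >&2
        exit 1
    fi
    echo "Chain bundle contains $(pem_cert_count "$3") certificate(s)"
    echo "Public Key field (PEM):"
    cert_to_pem "$2"
fi
```

A mismatch here usually means the certificate was issued for a different CSR than the one the key belongs to, which the ELB console would otherwise report only as a generic upload error.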

Author: Geuis

Updated on September 18, 2022

Comments

  • Geuis
    Geuis over 1 year

    Here's my situation. We've generated an SSL certificate from Thawte for a site we're hosting on EC2. We have our servers load balanced using Elastic Load Balancer.

    Thawte gives us one PKCS signed certificate. When I go to the Amazon console to generate a new load balancer so that I can attach the certificate it requires 4 fields:

    Certificate Name
    Private Key
    Public Key
    Certificate Chain
    

    Where I'm getting confused is that we only have the 1 certificate, yet the private & public keys are expected to be different.

    What's the process to complete this?

  • Geuis
    Geuis almost 13 years
    That makes a little more sense. However I'm not sure if it gets me all the way there. On the Thawte console, I have the option to show the key as either PKCS #7 or X.509. Do I use the same process you described to extract the public/private keys from either of those documents?
  • Zoredache
    Zoredache almost 13 years
    Grab the X.509 download. I haven't used Amazon, but I would bet that is the format you want. I suspect the x.509 option will be a zip file with the various things separated.
  • Geuis
    Geuis almost 13 years
    Sadly it's not a download. They literally provide a textarea with the x.509 key as copy/paste.
  • cyberx86
    cyberx86 almost 13 years
  • Geuis
    Geuis almost 13 years
    @cyberx86 thanks, I already have the link. That's not the problem, it's getting the 2 keys in order to fill the fields.