####how to create a self signed certificate and upload to AWS AMI
openssl genrsa -out my-private-key.pem 2048
openssl req -sha256 -new -key my-private-key.pem -out csr.pem
You will be asked with these questions ( more info: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html )
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:TEXAS
Locality Name (eg, city) []:AUSTIN
Organization Name (eg, company) [Internet Widgits Pty Ltd]:ACOMPANY
Organizational Unit Name (eg, section) []: (optional)
Common Name (e.g. server FQDN or YOUR name) []: subname.domain.com
Email Address []: [email protected]
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: (optional)
An optional company name []: (optional)
To create a self-signed certificate, use the following command:
openssl x509 -req -days 365 -in csr.pem -signkey my-private-key.pem -out my-certificate.pem
Create chain
openssl x509 -inform PEM -in my-certificate.pem > my-certificate-chain.pem
Upload
aws iam upload-server-certificate --server-certificate-name testcer --certificate-body file://my-certificate.pem --private-key file://my-private-key.pem --certificate-chain file://my-certificate-chain.pem
show list
aws iam list-server-certificates
Delete
aws iam delete-server-certificate --server-certificate-name testcer