Installing SSL Certificate on Amazon Web Services (AWS)
The instructions below will outline how to install an SSL certificate on an AWS EC2 instance.
Before You Start
Please make sure you have downloaded your certificate files..
After downloading your certificate, you should have the following certificate files:
- certificate.crt
- cabundle.crt
- privatekey.pem
Upload Certificate via Management Console:
Now that you have downloaded your certificate files, please follow the steps below to install in on your EC2 instance. In summary, you will need to upload your certificate files to IAM and allocate the certificate to your EC2 load balancer instance.
- Log in to your AWS management console and navigate to the EC2 console.
- Navigate to the EC2 Console.
- Choose Load Balancer under the "Network and Security" section.
- Select the load balancer you would like to allocate your certificate to.
- Go to the Listener tab, click on "Edit" and then "Add". Choose "HTTPS" as the protocol. Next, under SSL certificate select "Change" and click on “Upload a new certificate to AWS Identity and Access Management (IAM).”
- Now enter your certificate details: this includes a name for your certificate, your private key (privatekey.pem), the primary certificate file (certificate.crt), and the certificate chain (cabundle.crt) by pasting file contents into the designated areas.
- Finally, click on "Save".
IAM Upload Criteria
When uploading certificate files, IAM will verify if the following criteria are met:
- Certificate files (certificate.crt and cabundle.crt) must be in X.509 PEM format.
- The current date must be between the certificate issuance and expiration date.
- The certificate and private key files should contain only a single item, not multiple items.
- The private key must match the certificate.
- The pivate key must start with
-----BEGIN RSA PRIVATE KEY-----
and end with-----END RSA PRIVATE KEY-----
. - The private key must be encrypted with a password.
Check Installation
Go to SSL Zen Plugin and click on the Next button on Step 3. Our plugin will automatically detect if you have installed the SSL certificate correctly. If you have, click on the Next button in Step 4 and we will replace your website http url with https.
Congratulations, your site has now been secured using your new SSL certificate!