AMAZON WEB SERVICES –
CREATE CSR AND INSTALL SSL CERTIFICATE

Use the instructions on this page to use OpenSSL to create your certificate signing request (CSR) and then upload and implement your SSL certificate in your AWS instance.

HOW TO GENERATE A CSR FOR AWS USING OPEN SSL

If you prefer, you can build your own shell commands for generating your AWS CSR.

  • Use your terminal client (ssh) to log into your server/workstation.
  • At the prompt, enter the following command:

Note: Make sure to replace server with the name of your server/workstation.

openssl req –new –newkey rsa:2048 –nodes –keyout server.key –out server.csr

  • You have now started the process for generating the following two files:
    • Private-Key File – For the decryption of your SSL certificate
    • CSR File – For ordering your SSL certificate
  • When prompted for the Common Name (domain name), type the fully qualified domain (FQDN) for the site that you are going to secure.

Note: If generating a AWS CSR for a TRUSTZONE SSL Wildcard, the common name should begin with an asterisk (e.g., *.example.com).

  • When prompted, type your organizational information, beginning with your geographic information.

Note: You may have already set up default information.

  • Open the .csr file that you created with a text editor.
  • Copy the text, including the

—–BEGIN NEW CERTIFICATE REQUEST—–
and
—–END NEW CERTIFICATE REQUEST—– 

tags, and paste it into the TRUSTZONE order form.

  • Save the (back up) the generated .key file. You need it later when installing your SSL certificate.
  • After receiving your SSL certificate from TRUSTZONE, you can install it.

 

AWS: HOW TO INSTALL YOUR SSL CERTIFICATE
  • Copy the Certificate File to Your Server/Workstation

Download your Intermediate (IntermediateCA.crt) and SSL certificate (your_domain_name.crt) files from your TRUSTZONE account, then copy them to the directory on your server/workstation where you will keep your certificate and key files. Make them readable by root only.

  • Upload your SSL certificate

Next, you need to upload the certificate files (your_domain_com.key, your_domain_com.crt, and IntermediateCA.crt) to your AWS account.

  • Implement your SSL certificate

To implement your SSL certificate for your instance of AWS, consult the AWS Documentation.

Note: Because all instances of Amazon Web Service (AWS) are unique, it is best to consult the Amazon documentation for instructions on how to install and configure your SSL certificate for you AWS instance.

 

Last updated: August 2, 2017