Menu
I'm having trouble. I followed a guide that I found here
http://www.thenetworkadministrator.net/index.php/2011/12/iis-ssl-certificate-into-amazon-elastic-load-balancer/
And exported by cert and created all those files, but it doesn't tell you which file goes in which field. I tried what I think is all the combinations but it doesn't accept it
I Setup the balancer as follows
Then I try to setup the certificate
Then you can see it tells me it's invalid.
In case it helps I exported from IIS and followed the tutorial on the link provided and the certificate is a DigiCert Wildcard Certificate ie (*.domain.com)
611
You can configure up to the maximum number of SSL certificates per target HTTPS or target SSL proxy. Use multiple SSL certificates when you are serving from multiple domains using the same load balancer IP address and port, and you want to use a different SSL certificate for each domain.
Please read the post: AWS Load Balancer SSL limitations. The following solution worked for me:
openssl rsa -in server.key -text
Then copy and paste the produced output between (including):
-----BEGIN RSA PRIVATE KEY-----
and
-----END RSA PRIVATE KEY-----
AWS Load Balancer had accepted this key successfully.
124
Hmmh, everything looks correct at first sight, but let's double check on a few details.
And exported by cert and created all those files, but it doesn't tell you which file goes in which field.
I can't quite follow, insofar the linked guide clearly states where to put he files:
When prompted for the certificate keys do the following:
- Open the file server.key that was created from above with openssl and paste into the Private Key textbox
- Open the file cert.pem that was created from above with openssl and copy the text from —-BEGIN till the end of the file and paste that into Public Key Certificate textbox
Note: I did not put anything into the certificate chain
The screenshot you provided indicates you have chosen the correct combination in fact, however ...
I tried what I think is all the combinations but it doesn't accept it
... I assume you have deliberately shortened the textarea input widgets for Private Key and Public Key Certificate to decrease image size or hide the actual keys? Otherwise the text to be pasted has mostly gone lost somehow, insofar it should look something like:
-----BEGIN CERTIFICATE-----
MIICeDCCAeGgAwIBAgIGAOABb24uY29tMQwwCgb3DQEBBQUAMFMxCzAJBgNVBAYT
[...]
A WHOLE LOT MORE HEX DIGITS HERE!
[...]
q04lCMxITAfBgNVBAMTAAJW26+adw9C063H7I846ZbxHl6BkcTPsjL3b5JoZhyim
jbzH4dktTFNIkX4o
-----END CERTIFICATE-----
In this regard another cause might be addressed by this answer to Public key and private cert don't match:
Looks like the issue was the way in which I was copying the contents of the key and certs into the AWS Management console. I was using an Ubuntu desktop running in Virtual Box [...] Once I opened the key and cert files on the same box as the web browser (Windows in this case) the certs went through just fine. I'm guessing some parts of the file aren't making it over correctly when using the shared clip board between Virtual Box client and host.
Given the high probability of special characters appearing in the hex dump, this is entirely possible for various similar copy&paste scenarios as well, e.g. between SSH terminals with erroneous character encoding settings etc.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
