Install and configure the AWS Command Line Interface Show archive.org snapshot
Show existing certificates to test if the AWS Cli is working:
$ aws iam list-server-certificates
{
"ServerCertificateMetadataList": [
{
"Path": "/",
"Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-201307-201407",
"ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX",
"ServerCertificateName": "www.example.com-201210-201310",
"UploadDate": "2012-10-10T11:25:35Z"
}
]
}
Upload your certificate:
$ aws iam upload-server-certificate --server-certificate-name www.example.com-2013010-2014010 --certificate-body file://www.example.com.crt --private-key file://www.example.com.key --certificate-chain file://www.example.com.ca-bundle
{
"ServerCertificateMetadata": {
"Path": "/",
"Arn": "arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010",
"ServerCertificateId": "AXXXXXXXXXXXXXXXXXXXX",
"ServerCertificateName": "www.example.com-2013010-2014010",
"UploadDate": "2013-10-22T16:57:36.704Z"
}
}
If you got the error message A client error (MalformedCertificate) occurred: Invalid Private Key.
please look at this card to see how to fix it.
Get the name of your loadbalancer:
$aws elb describe-load-balancers | grep LoadBalancerName
"LoadBalancerName": "example-com",
Update certificate on your loadbalancer:
aws elb set-load-balancer-listener-ssl-certificate --load-balancer-name example-com --ssl-certificate-id arn:aws:iam::5xxxxxxxxxxx:server-certificate/www.example.com-2013010-2014010 --load-balancer-port 443