安装在AWS上ELB GoDaddy购买SSL证书 [英] install godaddy ssl certificate on aws elb
问题描述
我已经购买GoDaddy的从一个SSL证书。我创建了一个密钥存储文件,从它生成的CSR文件,把它送到GoDaddy的,并得到了这些文件:
- mydomain.crt
- gd_intermediate.crt
- gd_bundle.crt
现在我想创建在AWS控制台的弹性负载均衡。当问及证书的详细信息,他们问:
- 私钥(PEM连接codeD)
- 在公钥证书(PEM连接codeD)
- 在证书链(PEM连接codeD,可选)
如何转换的文件,我有这些参数?
谢谢, 亚伊尔
有关AWS ELB需要三个东西,你说
私有密钥
您在Linux上产生的RSA密钥
#openssl genrsa -des3退房手续host.key 2048
它会询问密码,给它现在,我们将在以后将其删除。
公开键
这是你的私钥首先生成CSR文件,该文件是证书签名请求(您提交给当局的情况下,GoDaddy的获取公共密钥)。您可以使用生成CSR文件
#openssl REQ -new -key host.key退房手续host.csr
现在您提交CSR文件GoDaddy的,作为回报,他们为您提供两个文件(mydomain.crt,gd_bundle.crt)。 mydomain.crt是你的公钥。
证书链
gd_bundle.crt是证书链文件,该文件GoDaddy的为您提供了公共key.your公共密钥和证书链文件,无需任何转换,但你需要删除其密码,并把它转换成PEM与私钥文件
#openssl RSA -in host.key退房手续private.pem
和其所有的好去AWS.put私人key.pem文件内容在AWS的私有密钥部分,并把mydomain.crt文件内容的公共密钥和投入证书链节gd_bundle.crt内容。转换完全取决于从那里你得到你的证书。如果从其他公司获得的证书,我会建议你遵循AWS文档。
<$p$p><$c$c>http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.htmlI've purchased an SSL certificate from godaddy. I've created a keystore file, generated a csr file from it, sent it to godaddy, and received these files:
- mydomain.crt
- gd_intermediate.crt
- gd_bundle.crt
Now I am trying to create an Elastic Load Balancer in AWS console. When asked for a certificate details, they ask for:
- Private Key (pem encoded)
- Public Key Certificate (pem encoded)
- Certificate Chain (pem encoded, optional)
How do I convert the files I have to these parameters?
Thanks, Yair
For AWS ELB you need three thing as you said
Private Key
The rsa key you Generated on linux with
#openssl genrsa -des3 -out host.key 2048
it will ask for password, give it for now we will remove it later.
Public key
from your private key you first Generate csr file which is Certificate Signing Request(the one you submit to authority in your case godaddy to get public key). you can Generate csr file using
#openssl req -new -key host.key -out host.csr
now you submit your csr file to godaddy and in return they provide you two files(mydomain.crt, gd_bundle.crt). mydomain.crt is your public key.
Certificate Chain
gd_bundle.crt is certification Chain file which godaddy provides you with your public key.your public key and certification chain file don't need any conversion but for the private key file you need to remove its password and convert it into pem with
#openssl rsa -in host.key -out private.pem
and its all good to go for AWS.put private key.pem file content in aws private key section and put mydomain.crt file content in public key and put gd_bundle.crt content in certification chain Section. Conversion all depends upon from where you are getting your Certificate. if getting certificate from some other company i will recommend you to follow AWS Docs.
http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html
这篇关于安装在AWS上ELB GoDaddy购买SSL证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
