I am trying to setup an SSL on AWS coudfront, but have this error, A client error (MalformedCertificate) occurred when calling the UploadServerCertificate operation: Private key was in an unrecognized format., when running the following command:
aws iam upload-server-certificate --server-certificate-name domain.tld --certificate-body file:///home/khine/certs/14595113.crt --private-key file:///home/khine/certs/domain.key --certificate-chain file:///home/khine/Sandboxes/Business/certs/domain.tld.bundle.crt --path /cloudfront/domain.tld/
this is how i setup got my files:
openssl ecparam -out domain.key -name secp384r1 -genkey
openssl req -new -sha256 -key doamin.key -nodes -out domain.tld_ssl.csr
then i user the csr file created to get the certificate for my domain.
i got the following files back:
root@www:/etc/ssl/certs # ls
14595113.crt
COMODOECCExtendedValidationSecureServerCA.crt
AddTrustExternalCARoot.crt
COMODOECCAddTrustCA.crt
domain.tld.bundle.crt
The three files stipulated are;
- Your server certificate in PEM format.
- Your private key in PEM format.
- A certificate chain file.
When I try to convert my key to PEM format, I get the following error:
# openssl rsa -in domain.key -outform PEM -out domain_pem.key
34379118248:error:0607907F:digital envelope routines:EVP_PKEY_get1_RSA:expecting an rsa key:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/evp/p_lib.c:288:
Google returns this http://ift.tt/1b5Ix3v
but no one has answered it.
Any advise on how I can convert the key to PEM format, or if I have missed something in my procedure will be much appreciated.
Aucun commentaire:
Enregistrer un commentaire