Installing SSL Certificate on Amazon Web Services (AWS)

o install an SSL certificate on an AWS service, the specific steps can vary depending on the AWS service you are using. Here, I'll provide general instructions for installing an SSL certificate on Amazon Web Services. The process typically involves creating or importing an SSL certificate, associating it with a resource (e.g., an EC2 instance or a load balancer), and configuring your service to use HTTPS.


  • To convert your .cer into different file formats, Utilize our eMudhra utility tool to seamlessly transform your files into .cer, .pfx (.p12), .jks, or .pem formats, and conveniently import zip files using our CSR tool."

Here are the general steps to install an SSL certificate on AWS, Choose one of the two installation methods below for installing the SSL Certificate.

Upload Certificate via Management Console

Now that you have downloaded your certificate files, please follow the steps below to install in on your EC2 instance. In summary, you will need to upload your certificate files to IAM and allocate the certificate to your EC2 load balancer instance.

  1. Log in to your AWS management console and navigate to the EC2 console.

  2. Navigate to the EC2 Console.

  3. Choose Load Balancer under the "Network and Security" section.

  4. Select the load balancer you would like to allocate your certificate to.

  5. Go to the Listener tab, click on "Edit" and then "Add". Choose "HTTPS" as the protocol. Next, under SSL certificate select "Change" and click on "Upload a new certificate to AWS Identity and Access Management (IAM)."

  6. Now enter your certificate details: this includes a name for your certificate, your private key (private.key), the primary certificate file (certificate.crt), and the certificate chain (ca_chain.crt) by pasting file contents into the designated areas.

  7. Finally, click on the "Save" button.

Upload Certificate via CLI

Alternatively, you can also use the AWS command-line interface (CLI) in order to upload your certificate files to IAM. To use the AWS command-line interface for uploading your certificate to an EC2 instance, please follow the steps below.

Important Note: Please note order for your upload to work, you may be required to rename your .crt files to .pem. To convert the file format you can use our eMudhra CSR generator tool. In case if you do not have tool in place Click here to download the tool.

You can use the following command in order to upload your certificate files to IAM: The certificate_object_name parameter above can be used to provide a name for your certificate object. Please also note that when you specify a file as a parameter (e.g. for certificate-body), file:// must be included.

aws iam upload-server-certificate --server-certificate-name certificate_object_name --certificate-body file://certificate.crt --private-key file://private.key --certificate-chain file://ca_bundle.crt

IAM Upload Criteria When uploading certificate files, IAM will verify if the following criteria are met:

  • Certificate files (certificate.csr and ca_bundle.crt) must be in X.509 PEM format.

  • The current date must be between the certificate issuance and the expiration date.

  • The certificate and private key files should contain only a single item, not multiple items.

  • The private key must match the certificate.

  • The private key must start with -----BEGIN RSA PRIVATE KEY----- and end with -----END RSA PRIVATE KEY---.

  • The private key must be encrypted with a password.

Check Installation

You have completed all the required steps to install your SSL certificate. Verify that the SSL certificate is correctly installed by accessing your website or service using HTTPS. After installing your certificate, it is a good practice to test your SSL setup using various online tools to ensure everything is working correctly.

Last updated

© eMudhra. All Rights Reserved.