If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see Amazon Web Services: SSL Certificate CSR Creation.

Amazon Web Services (AWS): Installing Your SSL Certificate

To install your AWS SSL Certificate, complete the steps below.

Importing a SSL Certificate Using the DigiCert Certificate Utility

After we validate and issue your SSL Certificate, you can use the DigiCert® Certificate Utility for Windows to import the file to your Microsoft server.

  1. On the server where you created the CSR, save the SSL Certificate .cer file (i.e. your_domain_com.cer) that DigiCert sent to you.

  2. Run the DigiCert® Certificate Utility for Windows.

    Double-click DigiCertUtil.

  3. In DigiCert Certificate Utility for Windows©, click SSL (gold lock) and then, click Import.

    Import Certificate

  4. In the Certificate Import window, under File Name, click Browse to browse to the .cer (i.e. your_domain_com.cer) certificate file that DigiCert sent you, select the file, click Open, and then, click Next.

    Import Certificate

  5. In the Enter a new friendly name or you can accept the default box, enter a friendly name for the certificate. The friendly name is not part of the certificate; instead, it is used to identify the certificate.

    We recommend that you add DigiCert and the expiration date to the end of your friendly name, for example: yoursite-DigiCert-expirationDate. This information helps identify the issuer and expiration date for each certificate. It also helps distinguish multiple certificates with the same domain name.

    Friendly Name

  6. Click Finish.

Exporting a SSL Certificate in Apache Compatible Format Using the DigiCert Certificate Utility

To make an SSL connection, your server needs two parts, a private key file and the certificate file. Apache (and many other server types) separate these two certificate parts into separate .key file and .crt files.

  1. Run the DigiCert® Certificate Utility for Windows.

    Double-click DigiCertUtil.

  2. In DigiCert® Certificate Utility for Windows, click SSL (gold lock), select the SSL Certificate you want to export, and then, click Export Certificate.

    Export Certificate

  3. In the Certificate Export wizard, select Yes, export the private key, select key file (Apache compatible format), and then, click Next.

    Apache Key File Export

  4. In the File name box, click … to browse for and select the location and file name where you want to save the certificate .key file, and then, click Finish.

    This creates the following files that you will need to upload and implement using your AWS Management Console.

    • Private Key: your_domain_com.key
    • Server Certificate: your_domain_com.crt
    • Intermediate Certificate: DigiCertCA.crt

    File Location

  5. After you receive the "Your certificate and key have been successfully exported" message, click OK.

AWS: Installing Your SSL Certificate

To upload and implement these certificate files (your_domain_com.key, your_domain_com.crt, and DigiCertCA.crt) consult the AWS Documentation.

See AWS Documentation.