Upload PKCS#12 Server Certificates to AWS

AWS IAM Certificate Manager

1. Extract RSA Private key

openssl pkcs12 -in CERTIFICATE.PFX -nocerts -nodes -out private.key
openssl rsa -in private.key -out private-rsa.key

2. Extract Certificate

openssl pkcs12 -in CERTIFICATE.PFX -clcerts -nokeys -out certificate.crt

3. Extract Certificate Chains

openssl pkcs12 -in CERTIFICATE.PFX -cacerts -nokeys -out certificate-chain.crt

4. Trimming  Certificates for AWS

sed -ne '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/ p' certificate.crt > certificate-trim.crt
sed -ne '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/ p' certificate-chain.crt > certificate-chain-trim.crt

5. Upload Key & Certificates to AWS via CLI

aws iam upload-server-certificate --profile profile --server-certificate-name domain.com --certificate-body file://certificate-trim.crt --private-key file://private-rsa.key --certificate-chain file://certificate-chain-trim.crt

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.