Want to create self-signed certificate for local production and work around in AWS account? Although you can use ACM certificate makes it much easier. :P
This post is in brief, since most of the stuff is self explainatory.
Remember self-signed certificate is created by you and will not be seeking any identity on the internet. You kinda need to involve third party.
Quick commands for generating self-signed certificate
- Create directory to maintain all self signed certificate
cd /etc/ssl mkdir localcerts
- command for generating self-signed certificate, followed by certaing fill ups
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/localcerts/self-signed.key -out /etc/ssl/localcerts/self-signed.crt fill the entry # Fill it as per requirement Country Name (2 letter code) [AU]:IN State or Province Name (full name) [Some-State]: ?? Locality Name (eg, city) : ?? Organization Name (eg, company) [Internet Widgits Pty Ltd]:? Organizational Unit Name (eg, section) : ??? Common Name (e.g. server FQDN or YOUR name) : domain/IP Email Address :??
- Check what you got
pwd /etc/ssl/localcerts ls self-signed.crt self.sogned.key
- Upload in AWS Certificate Manager, here is quick command for it.
sudo aws acm import-certificate --certificate file://self-signed.crt --private-key file://self-signed.key --region <here> --profile <here>
- Update the Listener port in ELB
There you go all set!
This I tried for fun but if working with AWS I would rather suggest use ACM certificate provided by AWS
Happy Learning !