AWS: "Unable to parse certificate. Verify that the certificate is in PEM format."

I am trying to renew a wildcard certificate for EC2 instances on AWS. The service to which these servers belong consists of one server and a set of servers per AWS ELB.

The certificate has been successfully updated and verified on one server.

The same is true for the instance captured from the image that ELB uses for AutoScaling.

However, when I try to add a new certificate to the load balancer, I get the above error. I am sure that the certificate is correct and is in PEM format. At first I tried through the web console, and then used aws command line tools with the same result.

Has anyone encountered a similar problem recently?

+43
amazon-web-services amazon-elb ssl-certificate
Mar 03 '14 at 14:57
3 answers

I just ran into the same problem: the web console and the AWS CLI report the same error as they cannot parse the certificate.

The main reason for the error was in the private key - converting my private key to "RSA PRIVATE KEY" fixed the problem:

openssl rsa -in server.key -out server.key.rsa 

Then use server.key.rsa in the private key field and leave the public certificate as is.

+77
Mar 04 '14 at 7:09

The AWS CLI requires the file:// prefix for local files. For example file://private.key, file://cert_file, etc.

+76
Apr 23 '14 at 3:30

I just spent the last hour struggling with this issue on the web console. For documentation, I would like to share what fixed the problem for me:

  • Make sure all keys and certificates are in RSA (as shown in Vikram's answer).
  • Make sure the start and end marks ---- TEXT HERE ---- are included in what you upload / copy to the web console.
  • My problem: the RapidSSL certificates that I acquired on Name.com had their newlines converted to spaces when I copied them to Evernote. I only realized this when I entered the text in Vim, and the monospaced text was not correctly aligned. After a series of f, [space], a, [return] I fixed the file in Vi and now it works. The AWS interface should be smart enough to recover from common mistakes such as this - however, this fixed the problem for me.

Hope this helps save an hour for someone else :)

+2
Sep 30 '15 at 10:09
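
The checks the answers above describe (private key header reading "RSA PRIVATE KEY", BEGIN/END markers present, newlines not turned into spaces) can be run before uploading. This is an added example, not part of the original answers: the function names and issue codes are hypothetical, the sample PEM body is constructed filler rather than a real key or certificate, and the RSA-header check reflects what the first answer reports rather than a documented AWS rule.

```python
import base64
import re

MARKER = re.compile(r"-----(BEGIN|END) ([A-Z0-9 ]+)-----")

def wrap_pem(label, body):
    """Lay out a base64 body as a PEM block: one marker per line, 64-char rows."""
    rows = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\n".join([f"-----BEGIN {label}-----", *rows, f"-----END {label}-----"]) + "\n"

def diagnose_pem(text):
    """Return issue codes for a single PEM block (empty list = nothing found)."""
    kinds = {m.group(1): m.group(2) for m in MARKER.finditer(text)}
    issues = [f"missing_{k.lower()}_marker" for k in ("BEGIN", "END") if k not in kinds]
    if issues:
        return issues
    lines = [line.strip() for line in text.strip().splitlines()]
    # A marker sharing its line with other text, or a space inside a body
    # line, means the newlines were replaced somewhere along the way.
    if any((MARKER.search(l) and not MARKER.fullmatch(l)) or
           (not MARKER.search(l) and " " in l) for l in lines):
        issues.append("newlines_collapsed")
    # First answer: a key that is not in "RSA PRIVATE KEY" form was rejected.
    if kinds["BEGIN"].endswith("PRIVATE KEY") and kinds["BEGIN"] != "RSA PRIVATE KEY":
        issues.append("not_rsa_private_key")
    body = "".join(MARKER.sub("", text).split())
    try:
        base64.b64decode(body, validate=True)
    except ValueError:
        issues.append("invalid_base64")
    return issues

def repair_collapsed(text):
    """Rebuild a PEM block whose newlines were converted to spaces."""
    label = MARKER.search(text).group(2)
    return wrap_pem(label, "".join(MARKER.sub("", text).split()))

# Constructed samples: filler bytes, not a real key or certificate.
_BODY = base64.b64encode(bytes(range(120))).decode()
GOOD_CERT = wrap_pem("CERTIFICATE", _BODY)
COLLAPSED_CERT = GOOD_CERT.strip().replace("\n", " ")   # the Evernote case
PKCS8_KEY = wrap_pem("PRIVATE KEY", _BODY)              # before `openssl rsa`
RSA_KEY = wrap_pem("RSA PRIVATE KEY", _BODY)            # after `openssl rsa`

if __name__ == "__main__":
    for name in ("GOOD_CERT", "COLLAPSED_CERT", "PKCS8_KEY", "RSA_KEY"):
        print(name, diagnose_pem(globals()[name]))
```

The linter only inspects the text layout of the file; it does not verify that the key matches the certificate.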
