0

I intend on using an AWS Certificate Manager (ACM)-generated SSL certificate on my load balancer (in front of a Node.js app cluster). The APIs would be in turn called by an iOS app, for which I would apparently need to put in my resources as a .der file.

However, to convert to a .der (using the command openssl x509 -inform PEM -outform DER -in cert.pem -out cert.der), I need the corresponding .pem file for the certificate. How do I go about generating the same? I couldn't find anything in the ACM documentation to help with the same....

Appreciate your help...

Viccari
  • 9,029
  • 4
  • 43
  • 77
vikram17000
  • 453
  • 5
  • 18

1 Answers1

4

Found the answer!

Need to attach ACM policy to the instance IAM role, and then run:

aws acm get-certificate --certificate-arn ACM-CERTIFICATE-ARN --region ACM-CERTIFICATE-REGION

This would generate the certificate chain and the certificate. Take the certificate first, and then the chain, and copy into a .pem. We'll need to remove the \n and fold the length of the file to only be a max of 64 chars.

Finally, run the command I pasted earlier above, i.e. openssl x509 -inform PEM -outform DER -in cert.pem -out cert.der. That would generate the .der file which we can now integrate in the iOS bundle!

vikram17000
  • 453
  • 5
  • 18