1

We created a SSL/TLS certificate using AWS Certificate Manager. Assigned that certificate to an Application Load Balancer. We checked the URLs through online ssl certificate checker https://www.digicert.com/help/ and noticed at the bottom of page error "the server is not sending the required intermediate certificate". Is there a way to configure/use AWS Certificate Manager to include the intermediate certificate On that load balancer

Hasan Hafiz Pasha
  • 1,402
  • 2
  • 17
  • 25

1 Answers1

1

To Associate an ACM SSL certificate with an Application Load Balancer, follow the below steps -

  1. Open the Amazon EC2 console.
  2. In the navigation pane, choose Load Balancers, and then choose your Application Load Balancer.
  3. Choose Add listener.
  4. For Protocol, choose HTTPS.
  5. For port, choose 443.
  6. For Default action(s), choose Forward to, and then select your ALB target group from the dropdown list.
  7. For Default SSL certificate, choose From ACM (recommended) and then choose the ACM certificate.
  8. Choose Save.

Note: Application Load Balancers support multiple SSL/TLS certificates using Server Name Identification (SNI). If you request a public certificate from ACM, you can't export private keys for ACM issued public certificates. You can't directly install Amazon-issued certificates on Amazon Elastic Compute Cloud (EC2) instances. Instead, use the certificate with a load balancer, and then register the EC2 instance behind the load balancer.

Subhashis Pandey
  • 1,473
  • 1
  • 13
  • 16
  • We are following this steps to install ACM on our load balancer, our application running fine. But some old device getting this issue "the server is not sending the required intermediate certificate" – Hasan Hafiz Pasha Oct 17 '21 at 13:59
  • You mentioned old device, may be then cache problem, can you clear the cache and try. Also DNS propagation may take time. – Subhashis Pandey Oct 17 '21 at 14:01
  • Our end-point is an API. Previously we server that API using apache. At that time, we provide an intermediate certificate using apache and no issues on the certificate. But recently we are using AWS LOAD-BALANCER and getting that error – Hasan Hafiz Pasha Oct 17 '21 at 14:05
  • ACM works well with ELBs, did you validated domain ownership for an ACM certificate? – Subhashis Pandey Oct 17 '21 at 14:36