Uploading the Server Certificates to the AWS Identity and Access Management

This section describes the typical steps required to upload the server certificates that you have created in the section Creating Certificates and Keys for TLS Authentication to the AWS IAM service.

To upload the server certificate, takes a single command. On the Linux instance, run the following command to upload the server certificate to the AWS IAM service.

aws iam upload-server-certificate --server-certificate-name CertificateName --certificate-body file://path/to/server-certs --certificate-chain file://path/to/ca-certs --private-key file://path/to/server-key

For example:

aws iam upload-server-certificate --server-certificate-name CertificateName --certificate-body file://path/to/iap-wildcard.crt --certificate-chain file://path/to/iap-ca.crt --private-key file://path/to/iap-wildcard.key

The command returns the metadata of the uploaded certificate as an output. The metadata contains the Amazon Resource Name (ARN) for the certificate. You must specify this ARN in the SSLCertificate parameter of the CloudFormation template that you use to create the Auto Scaling Group.

For more information about uploading a server certificate to the AWS IAM, refer to the section Uploading a Server Certificate (AWS API).

For more information about the upload-server-certificate command, refer to the section upload-server-certificate in the AWS CLI Command Reference documentation.