How to Create SSL certificate from AWS Certificate manager

You are currently viewing How to Create SSL certificate from AWS Certificate manager
create an ssl certificate using aws cm

In this article, I will show you, how you can create SSL certificate using AWS certificate manager. AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates.

To do this first, we need to provision an EC2 instance, which is described here. After that, we need to install Apache 2.4, PHP7.2 and other required php extensions.

These are the commands to setup a web server

#update the yum package 
sudo yum update -y

#install php7.2, apache2.4 and required php extensions 
sudo yum install -y httpd24 php72  php72-mysqlnd php72-mbstring
sudo yum install -y php72-mcrypt php72-zip php72-intl php72-gd

#start the apache server 
sudo service httpd start

#set apache to auto start at boot time 
sudo chkconfig httpd on

#create a group www and assign user apache and ec2-user over there. 
sudo groupadd www
sudo usermod -a -G www ec2-user
sudo usermod -a -G www apache
sudo chown -R ec2-user /var/www
sudo chgrp -R www /var/www
sudo chmod 2775 /var/www
find /var/www -type d -exec sudo chmod 2775 {} +
find /var/www -type f -exec sudo chmod 0664 {} +

#set writable permission to session folder (optional )
sudo chmod 0777 /var/lib/php/7.2/session

#reboot apache to take effect the changes 
sudo service httpd restart

#optional installation of codedeployment agent 
sudo yum install ruby
sudo yum install wget
cd /home/ec2-user
chmod +x ./install
sudo ./install auto
sudo service codedeploy-agent start

Then create a CloudFront for the site.

Set the CNAME value of the domain in cloudfront settings.

Now point your domain to cloudfront.

That’s it. You have successfully install SSL certificate on your site using AWS Certificate manager. The video is given here

Atiqur Rahman

I am MD. Atiqur Rahman graduated from BUET and is an AWS-certified solutions architect. I have successfully achieved 6 certifications from AWS including Cloud Practitioner, Solutions Architect, SysOps Administrator, and Developer Associate. I have more than 8 years of working experience as a DevOps engineer designing complex SAAS applications.

Leave a Reply