Convert SSL certificate to use with Amazon CloudFront

Hi there,
I setup a S3 based web site on Amazon and it works. then I tried to active SSL on that. I got a certificate from Comodo, the file I revived is  one file with .cer extension. For Amazon to accept the certificate it asks for following 3 files. How can I get these files?

--certificate-body file://public_key_cert_file.pem
--private-key file://my_private_key.pem
--certificate-chain file://my_certificate_chain_file.pem

http://docs.aws.amazon.com/cli/latest/reference/iam/upload-server-certificate.html

Thanks
exsasanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David SankovskySenior SysAdminCommented:
That might be slightly tougher that you think.
As far as I know, the private key can only be obtained from the server the CSR was issued from after it was already signed. If you can first sign it on the server level, you should then be able to use this guide.

I could be mistaken however, so I'd try to contact Amazon for assistance, or wait for other experts to comment as well.
0
Shalom CarmelCTOCommented:
You can't use SSL with a custom domain directly on S3, you must use a CDN.
Cloudfront is the default option for a CDN, however it is neither the fastest nor the cheapest, just the default. If you expect traffic bigger than 500GB/month, it may be worthwhile to check alternatives.
To create a CSR for Comodo, you had to create a private key in the process. Find it, or you can't use the certificate at all. Thsi is the file for --private-key
In your Comodo account, ask to re-issue the certificate. Ask it for Apache, this is the file you need for --certificate-body
Comodo give you an option to download what they may call a CA bundle. This is the intermediate cert
If you can't find the intermediate/bundle, ask Comodo support and they will gladly provide it
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
SSL / HTTPS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.