hi, I'm trying to import a letsencrypt ssl certificate. It is working ok with apache on a EC2 server, but I keep getting errors when importing to ACM.
The certificate file which works is actually a bundle with the certificate itself and the chain, so I proceed to extract it:
openssl x509 -in mycert.crt -out chain.pem -outform PEM
This just cuts the first part of the crt file, starting from ----BEGIN CERTIFICATE ---- to ---END CERTIFICATE ---. I paste this on the ACM form.
The key is a few lines base64 encoded enclosed in -----BEGIN EC PRIVATE KEY-----
and ---- END EC PRIVATE KEY-----. I paste this as is.
Then the chain I tried a number of things: pasted the two remaining certificates from the original crt file, extracted them from the live site, and a few more I dont remember. Also tried inverting first and second in case they are swapped.
No matter what I try always get the no valid PEM format error.
The pasted code looks like this:
-----BEGIN CERTIFICATE-----
.....base64 stuff ....
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
.....base64 stuff....
-----END CERTIFICATE-----
Please advice
Hi comrade I seem to have the same issue and opened a topic @ Let's Encrypt to get a hint how to solve this behavior: https://community.letsencrypt.org/t/aws-certificate-manager-acm-error-the-certificate-chain-provided-is-not-in-a-valid-pem-format/185556 Greetings Cyrill