ACM import certificate error - The certificate chain provided is not in a valid PEM format.

0

hi, I'm trying to import a letsencrypt ssl certificate. It is working ok with apache on a EC2 server, but I keep getting errors when importing to ACM. The certificate file which works is actually a bundle with the certificate itself and the chain, so I proceed to extract it:

openssl x509 -in mycert.crt -out chain.pem -outform PEM

This just cuts the first part of the crt file, starting from ----BEGIN CERTIFICATE ---- to ---END CERTIFICATE ---. I paste this on the ACM form.

The key is a few lines base64 encoded enclosed in -----BEGIN EC PRIVATE KEY----- and ---- END EC PRIVATE KEY-----. I paste this as is.

Then the chain I tried a number of things: pasted the two remaining certificates from the original crt file, extracted them from the live site, and a few more I dont remember. Also tried inverting first and second in case they are swapped. No matter what I try always get the no valid PEM format error. The pasted code looks like this:

-----BEGIN CERTIFICATE-----
.....base64 stuff ....
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
.....base64 stuff....
-----END CERTIFICATE-----

Please advice

asked 3 months ago48 views
No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions