I've just purchased a SSL key from 123-reg with the intention of using it on the Amazon AWS Elastic load balancers.
The process I followed is:
Create a private key on ubuntu 12.04 with openssl:
- openssl genrsa -des3 -out my.key.here.key 2048
(output text begings with -----BEGIN RSA PRIVATE KEY-----)
Use that to create a CSR
- openssl req -new -key my.key.here.key -out my.key.here.csr
Used that CSR to paste into the 123-Reg order form and paid for my order.
Waited for GlobalSign to respond with my Intermediate + Public Certificate which was sent in an email.
Copied the contents of the Intermediate text into a file called gs_intermediate_ca.crt (the file begins with -----BEGIN CERTIFICATE-----)
Copied the contents of the public key text into a file called public.crt (the file begins with -----BEGIN CERTIFICATE-----)
Now on AWS I've copied the Private key contents into the Private Key box, the public certificate contents into the Public Certificate box and the intermediate certificate contents to the certificate chain box. Click save and I get:
"Public Key Certificate and Private Key doesn't match"
What do I need to do to get them to match? Does the Public Key Certificate also need to be RSA encoded? If so how do I do that?
More info:
When I do this:
openssl x509 -noout -text -in my.key.here.crt
I get
unable to load certificate 139799175571104:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:696:Expecting: TRUSTED CERTIFICATE