installing GoDaddy SSL in Amazon ec2 user

0
votes

I'm stuck at this point:

Generating a Certificate Signing Request (CSR) - Apache 2.x

  1. Enter the following at the command prompt:openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr Replace yourdomain with the domain name you're securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.

what I did was

openssl req -new -newkey rsa:2048 -nodes -keyout 180.21.80.1.key -out 180.21.80.1.csr

I used the public IP address of my t1 instance. I have generated a key and CSR files.

180.21.80.1.key

180.21.80.1.csr

like this. Now its ready to copy and paste in go daddy.

my question is:

  • Is what I'm doing correct?
  • Do I have to create a name for my IP address, like domains?
  • Is it okay if I make mistakes? It's editable, right?
2
sslamazon-web-servicesamazon-ec2

2 Answers

5
votes

With reference to the link you mentioned try following steps

  1. Ensure that you have installed mod_ssl and it is running.
  2. Upload your certificates on Instance say /home/ec2-user/ssl
  3. Edit /etc/httpd/conf.d/ssl.conf
  4. Find below lines and replace accordingly (Verify the filename and path are correct)
    • SSLCertificateFile /home/ec2-user/ssl/certs/site.com.crt
    • SSLCertificateKeyFile /home/ec2-user/ssl/keys/site.key
    • SSLCACertificateFile /home/ec2-user/ssl/ssl_files/gd_bundle.crt
  5. Restart Apache
0
votes

That looks right. Generally people don't use ip addresses as names of certs and csr's, they use hostnames, but I don't see why it wouldn't work. Also it's SUPER easy to add it to an ELB(aws load balancer) as opposed to configuring apache for it, so if you have your server(s) hidden behind an ELB, or you think you will add more servers at a later point it can be a little more convenient.