I need to terminate SSL at an AWS ELB instance. IT/Ops has provided me with a ZIP file with the following contents:
DigiCertCA2.pemTrustedRoot.pemwildcard_example_com.crtwildcard_example_com.csrwildcard_example_com.keywildcard_example_com.pem
(In reality the domain is obviously not example.com; but this is a wildcard cert for our own domain.)
According to the ELB/SSL docs:
If you have a certificate ready to upload, select Upload a new SSL Certificate to AWS Identity and Access Management (IAM). Enter the name of the certificate. In Private Key, copy and paste the contents of the private key file (PEM-encoded). In Public Key Certificate, copy and paste the contents of the public key certificate file (PEM-encoded). In Certificate Chain, copy and paste the contents of the certificate chain file (PEM-encoded), unless you are using a self-signed certificate and it's not important that browsers implicitly accept the certificate.
However, I'm not sure which cert is the "Certificate Chain File", or if that is even necessary. I believe these certs are signed by a root/trusted CA (not self-signed).
I have no preference whether I do this in the web console or the AWS CLI tool, but what steps/actions do I need to take with my specific files in order to get the ELB properly configured with SSL?
