After ordering you web server certificate from Symantec you will receive 3 files, below you can see an example of the received three files:
Intermediate certificate: Symantec_Class_3_Secure_Server_CA_-_G4.cer
Root Certificate: VeriSign_Class_3_Public_Primary_Certification_Authority_G5.cer
Server Certificate: server.example.com.cer
To install the certificate in the Amazon Web Services Elastic Load Balancer you have to fill the next fields :
The format of the certificates to be added is pem, you don’t have to convert your cer files to pem format, cer files are actually pem encoded just with another extension.
.cert .cer .crt are .pem (or rarely .der) formatted file with a different extension, one that is recognized by Windows Explorer as a certificate, which .pem is not.
The fields to fill in the AWS ELB new certificate form are:
Private key: The private Key you have used to generate the csr file (Certificate Signing Request) you sent to semantic .
Public Key Certificate: This is the server.example.com.cer contents in the above example.
Certificate Chain: This is the combination of the intermediate certificate and a root certificate, you can create a file with the contents (from top to button) of the intermediate certificate and a root certificate and use the contents of that file to fill the Certificate chain field.
For example in bash, for the example files mentioned above, you can do:
cat Symantec_Class_3_Secure_Server_CA_-_G4.pem VeriSign_Class_3_Public_Primary_Certification_Authority_G5.pem > chain_file.pem