AWS: “Unable to parse certificate. Please ensure the certificate is in PEM format.”

Question

I am trying to update a wildcard certificate for EC2 instances on AWS. The service these servers belong to consists of a single server and a set of servers behind AWS ELB.

The certificate has been successfully updated and verified on the single server.

The same is true for an instance pulled up from the image the ELB uses for AutoScaling.

However, when trying to add a new certificate to the load-balancer, I get the above error. I'm sure the certificate is correct and is in PEM format. I first tried via the web console, then using the aws aim command-line tools with the same result.

Did anyone come across a similar issue recently?

Answer 1

Just ran into the same exact issue: web console and AWS CLI reporting the same error in not being able to parse the certificate.

The error's root cause turned out to be in the private key -- converting my private key to an "RSA PRIVATE KEY" fixed the issue:

openssl rsa -in server.key -out server.key.rsa

Then, use the server.key.rsa in the private key field and leave the public cert as is.

Want to become an AWS expert? Check out our Course on AWS Solutions Architect Certification

You can learn more about EC2 on AWS EC2.