I intend on using an AWS Certificate Manager (ACM)-generated SSL certificate on my load balancer (in front of a Node.js app cluster). The APIs would be in turn called by an iOS app, for which I would apparently need to put in my resources as a .der file.
However, to convert to a .der (using the command openssl x509 -inform PEM -outform DER -in cert.pem -out cert.der), I need the corresponding .pem file for the certificate. How do I go about generating the same? I couldn't find anything in the ACM documentation to help with the same....
Appreciate your help...
Found the answer!
Need to attach ACM policy to the instance IAM role, and then run:
aws acm get-certificate --certificate-arn ACM-CERTIFICATE-ARN --region ACM-CERTIFICATE-REGION
This would generate the certificate chain and the certificate. Take the certificate first, and then the chain, and copy into a .pem. We'll need to remove the \n and fold the length of the file to only be a max of 64 chars.
Finally, run the command I pasted earlier above, i.e. openssl x509 -inform PEM -outform DER -in cert.pem -out cert.der. That would generate the .der file which we can now integrate in the iOS bundle!