<p>ELB only supports certificates in PEM format. Before uploading a certificate, make sure that the format of your certificate content, certificate chain and private key meet the requirements. This article describes the format requirements for the certificate content, private key and certificate chain.</p> <p>Generally, there are two types of certificates:</p> <p>&bull;&nbsp;<strong>Root certificate issued by CA Certification Center</strong></p> <p>For the root certificate issued by CA Certification Center, the user gets a unique certificate, with which the user can be recognized as trusted by the browser and other access devices.</p> <p>&bull;&nbsp;<strong>Certificate issued by intermediate certificate authority</strong></p> <p>CA Certification Center issues certificates to intermediate certificate authority, and the intermediate certificate authorities issue certificates to other subordinate institutions or users. Therefore, a <strong>certificate chain</strong> will be formed. When verifying such certificates, the issuer&#39;s certificate will be traced back level by level until the root certificate is found.</p> <p>The certificates issued by the intermediate certificate authority will contain multiple files. It is necessary to upload the server certificate and intermediate certificate at the same time (the certificate chain.)</p> <p><strong><span style="font-size:18px">Certificate Content Format Requirements</span></strong></p> <p>&bull;&nbsp;Begin with ------ BEGIN CERTIFICATE ----- and end with ------ END CERTIFICATE -----, which need to be uploaded together when uploading the certificate.</p> <p>&bull;&nbsp;There are 64 characters in each line, and the length of the last line can be less than 64 characters.</p> <p>&bull;&nbsp;The certificate content does not contain spaces or blank lines.</p> <p>The following figure is an example of a root certificate:</p> <p><img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20201607145745-1565abc997ce.png" style="height:177px; width:390px" /></p> <p><strong><span style="font-size:18px">Certificate Chain Format Requirements</span></strong></p> <p>&bull;&nbsp;The server certificate is placed first, and then the other intermediate certificates are placed level by level.</p> <p>&bull;&nbsp;Each loop of certificate chain starts with ---- BEGIN CERTIFICATE ----- and ends with ---- END CERTIFICATE -----, which need to be uploaded together when uploading the certificate.</p> <p>&bull;&nbsp;The certificate content does not contain spaces or blank lines.</p> <p>&bull;&nbsp;Meet the certificate format requirements specified by the intermediate certificate authorities when they issuing the certificate.</p> <p>The following figure&nbsp;is an example of certificate chain:</p> <p><img src="https://obs-cn-shanghai.yun.pingan.com/pcp-portal/20201607145834-14ece0199548.png" style="height:521px; width:609px" /></p> <p><strong><span style="font-size:18px">Private Key Format Requirements</span></strong></p> <p>&bull;&nbsp;Begin with ------ BEGIN RSA PRIVATE KEY ----- and end with ------ END RSA PRIVATE KEY -----, which need to be uploaded together when uploading the certificate.</p> <p>&bull;&nbsp;There are 64 characters in each line, and the length of the last line can be less than 64 characters.</p> <p>&bull;&nbsp;The private key does not contain spaces or blank lines.</p> <p>The following picture is an example of private key:</p> <p></p>