How to Create and Upload a User Signing Certificate to AWS Console

To configure Amazon EC2, Auto Scaling, Elastc Lad Blalancing and Amazon CloudWatch using CLI we need the siging certificates. You must obtain a sigining certificate and then upload it to the IAM system. IAM doesn’t have an API action to create it so we need to use a third party tool such as OpenSSL to create the user signing certificates. To create the certificate use the below commands

If you will be using the certificate to authenticate CLI commands for Auto Scaling, Amazon CloudWatch, or Elastic Load Balancing, generate the certificate in PKCS8 format using the following command:

To create a user signing certificate

It will ask you for some information, just enter all those.

Now we need to upload it to the IAM system.

Select the user, click the Security Credentials tab, and then click Manage Signing Certificates.
Click Upload Signing Certificate.
Paste the contents of the user’s signing certificate into the Certificate Body field.


Press OK

Now the use the key and certificate for any kind of CLI. Have fun.

The following two tabs change content below.

Tapas Mishra

Sr. Engineer (DevOps)
Loves to work on Opensource products. Having experience on Linux environment. Knowledge on Public cloud services like AWS, Rackspace, DigitalOcean, Linode. Please don't hesitate to give a comment on the posts. Your comments are my strength.

Leave a Reply