I recently switched to using ELB with SSL termination and had to upload a GoDaddy server certificate to the load balancer. First, I tried uploading the certificate using the AWS command line tools like so:
Everything seemed to work on my Mac, but on the iPhone I got an ugly error that the certificate is not trusted. Using openssl I found out that some intermediate certificate must be missing:
The iam-servercertupload utility has a -c switch that lets you specify the certificate chain. I tried uploading the chain that we were using before with Nginx, which includes everything from the server certificate up to the root certificate, but received this error:
I then tried removing the server cert from the chain, which produced the same error. Here is the certificate chain that worked for me. Download "gd_intermediate.crt", "gd_cross_intermediate.crt", and "valicert_class2_root.crt" here and concatenate them into a file in that order. Use that as your cert chain file for iam-servercertupload and you're good to go.