Install godaddy ssl certificate on amazon ec2

amazon ec2csrgodaddyopensslssl-certificate

I'm new to setting up ssl certificate and csr, i want to use public ip instead domain name in ssl.
i created a csr file using following command and info

openssl req -new -newkey rsa:2048 -nodes -keyout mydomain.key -out mydomain.csr

Generating a 2048 bit RSA private key
.....................+++
...........................................+++
writing new private key to 'mydomain.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:Delhi
Locality Name (eg, city) []:Delhi
Organization Name (eg, company) [Internet Widgits Pty Ltd]:MyComp ITES pvt ltd
Organizational Unit Name (eg, section) []:chatapp
Common Name (e.g. server FQDN or YOUR name) []:123.123.123.12(Elastic IP)
Email Address []:amitdubey@gmail.com        

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

this command generating two file

1.mydomain.key

2.mydomain.csr

i copy all the text from mydomain.csr and paste into godaddy Certificate Signing Request (CSR)
but it giving me error 

Public IP addresses are not allowed.

can any one help me whats wrong with me and how can fix this error.

Best Answer

You cannot generally get SSL certificates issued with an IP address as a subject name.

Firstly, you have no basis with which to get such a certificate issued unless the IP block is delegated to you (from an RIR, for example). This means that unless you are listed and named in the whois information for that IP block, you will not get a certificate.

Secondly, not all certificate authorities will do this even in that case.

Your elastic IP is a little like a subdomain in this sense. It's available for your use, and associated with you in the context of your provider, but as far as ICANN and its descendants are concerned it isn't yours.

Related Topic