I had a certificate expire today and needed to get one reissued from GoDaddy. In the past, I've had no trouble using the pem encodings they generate with the ELB SSL interface. However, when I try to include the SHA-2 bundle (the pem encoded list of certificates in the cert chain) in the certificate chain text area, I get a "Invalid Public Key Certificate" error. If I don't include the certificate chain, I'm able to configure the certificate (however it doesn't validate on iOS and Android).
When I did this a year ago I had no trouble. Also, I should note that this bundle file works just fine with two Apache servers that are not behind load balancers.
Best Answer
Use gd_bundle-g2.crt instead.
Thank you to my friends over at trusted advisor.
Quick Review
Ensure private key is in RSA format without a password.
openssl rsa -in private.key -text > private.pem
Your .crt file from godaddy is probably already in pem format.
openssl x509 -inform PEM -in blahblah.crt > public.pem
Download gd_bundle-g2.crt from https://certs.godaddy.com/anonymous/repository.pki
Field mappings (Dear amazon, this form is terrible.)
If your form looks like this, these instructions probably still apply. http://i.stack.imgur.com/yB918.png