HowTo: Generate an X.509 Certificate for an Amazon IAM User
X.509 certificates are one type of security credential for use with Amazon Web Services; they are used for making SOAP requests to AWS service APIs. If our account is not an IAM user, Amazon can generate one for us on their Security Credentials page. If our account is an IAM user, we will have to generate our own X.509 certificate; this article shows how to do that.
Create the Certificate
Make the directory the certificate and private key will be stored in.
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) :
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) :
Common Name (eg, YOUR name) :
Email Address :
Upload the certificate.
Make sure to use POST instead of GET with this call because CertificateBody is so big.