AWS IAM SSL upload with intermediate and root certificates

Uploading a new SSL certificate to Amazon Web Services with intermediate and root certifcates took some trial and error. This kept happening:

Below are the correct operations to upload a new SSL to AWS. The example here is for AlphaSSL but you can adapt the instructions for your SSL provider.

• Save your private key that you used to purchase your SSL certificate as key.pem.
• Download AlphaSSL's intermediate certifcate here. I used the certificate labelled "SHA-256 - Orders March 31, 2014 and After". Save as intermediate.crt
• Download AlphaSSL's root certificate here. Save as root.pem
• Save the certifcate that AlphaSSL emailed you when you bought the SSL as cert.crt
• Create the chain file: cat intermediate.crt root.pem > chain.pem. This is the bit that took some trial and error.
• Upload to AWS: aws iam upload-server-certificate --server-certificate-name your-domain.co.uk --certificate-chain file://chain.pem --private-key file://key.pem --certificate-body file://cert.crt

Other tips:

• Update 9/12/2015: Ensure that you include the file:// prefixes to avoid A client error (MalformedCertificate) occurred when calling the UploadServerCertificate operation: Unable to parse certificate. Please ensure the certificate is in PEM format. errors
• Remember to include the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines in the certificate files
• Remember to include the -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- lines in the private key
• The lines in your key and certificate files should be exactly 64 characters (apart from the first and last lines)

For more information, the official documentation is here