Tohuwabohu excorcism

openssl genrsa -out d:\privatekey.pem 1024
openssl req -new -x509 -key d:\privatekey.pem -out d:\publickey.cer -days 7000
openssl pkcs12 -export -out d:\public_privatekey.pfx -inkey d:\privatekey.pem -in d:\publickey.cer
openssl req -key d:\privatekey.pem -out d:\privatekey.csr -new
openssl x509 -req -days 7000 -in d:\privatekey.csr -signkey d:\privatekey.pem -out d:\publickeycert.pem

Amazon AWS requires a signed public key. THe toolkit mostly uses .pem files.

• Step 1: generates a private key
• Step 2: creates a X509 certificate (.cer file) containing your public key which you upload when registering your private application (or upgrading to a partner application).
• Step 3: Export your x509 certificate and private key to a pfx file. If your chosen wrapper library uses the .pem file to sign requests then this step is not required.
• Step 4: convert the private key to a .csr file
• Step 5: convert the private key in the .csr format to a .pem file and signing it with the private key.
  Signing is required for AWS to accept the public key