I am trying to add an SSL certificate through ACM with CloudFront on Elastic beanstalk. But I get redirected to beanstalk URL. I do not have an ELB for Beanstalk. It's a single instance environment. How can I fix the redirect issue?
Thanks
Related
I have imported a self signed certificate in AWS Certificate Manager for domain *.example.dev.
My application is deployed on elastic beanstalk which works when accessed through the elastic beanstalk environment link.
But when I use Amazon Route 53 to route DNS traffic for abc.example.dev to my existing Elastic Beanstalk environment and go to abc.example.dev, I get a "404 not found error".
I don't know what is going wrong.
Do I need to have the example.dev domain registered inside Route53 registered domains as well. At the moment my route53 doesn't have any registered domains.
abc.example.dev must point at the load balancer (the ALB) URL associated with your Elastic Beanstalk deployment. The example.dev domain doesn't necessarily have to be registered with route53 - it could be registered with any DNS provider. You just need to set up a CNAME record that points at your Elastic Beanstalk environment. See these docs for more info.
Your Elastic Beanstalk environment's Domain name says:
To route users to your environment, Elastic Beanstalk registers a
CNAME record that points to your environment's load balancer. You can
see URL of your environment's application with the current value of
the CNAME in the environment overview page of the Elastic Beanstalk
console.
My simple questions are:
where is this CNAME record located in AWS?
is it possible to make this subdomain SSL (redirect http to https)?
Why would I want to do this?
My application works fine, but Elastic Beanstalk says my health is "Severe" (red exclamation) when the only thing wrong is that I intentionally made my real domain (the non-Elastic Beanstalk subdomain) I have in Route 53 redirect to https (443) by modifying the load balancer. Now this Elastic Beanstalk subdomain also routes to https when it's not setup, which is what causes the health error.
where is this CNAME record located in AWS?
It is AWS-owned domain, so AWS holds it in its systems.
is it possible to make this subdomain SSL (redirect http to https)?
No, its not, because it belongs to AWS, not you. For proper HTTPS, you need your own domain that you can control. If you have such a domain, you can free SSL certificate for it from AWS ACM.
I am trying to deploy node app with on elastic beanstalk with loadbalance, I have configured elastic beanstalk https by using godaddy domain but its not working here is ACM issued list
ACM View
Here is my loadbalance list
Loadbalance list
Its not working on my go daddy domain with https but perfectly work on http elastic beanstalk domain. Please correct me what i a doing wrong here. I have followed the aws docs
So far i did below configuration.
I hosted my site on EC2 AWS machine. Public ip and public DNS.
I can access my website by ip as well as public DNS.
I purchased domain name from GoDaddy. www.xxtrasc.com
On AWS I created Hosted Zone then map www.app.xxtrasc.com successfully.
Now i access my website directly www.app.xxtrasc.com
Next want to enable https
On AWS Certificate Manager order certificate with domain name *.xxtrasc.com
Did everything to add CNAME and all. I can see status gree colored Issued on ACM.
Now how i can attached this certificate to my web site so that i can access https://www.app.xxtrasc.com
You cannot use ACM to directly install your ACM Certificate on your AWS based website or application
https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-install.html
You must use one of the following services:
Elastic Load Balancing
Amazon CloudFront
AWS Elastic Beanstalk
Amazon API Gateway
AWS CloudFormation
Please read the official doc : https://docs.aws.amazon.com/acm/latest/userguide/acm-services.html
So to install the certificate directly under apache2/nginx configuration you need to obtain the certificate from other third parties like Lets Encrypt, GoDaddy etc. you can read about that here - https://in.godaddy.com/help/manually-install-an-ssl-certificate-on-my-apache-server-centos-5238
On AWS I recommend using an ELB an placing your EC2 instances behind this ELB. This will allow you to select your ACM certificate from ELB itslef. Please read following doc to use classic load balancer with HTTPS https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-server-cert.html
If you want to enable SSL on your site, you need to purchase SSL certificate. You can purchase it with Godaddy and then setup it on AWS server. Without SSL certificate, your https site won't work.
I have created a single instance web application on AWS with Elastic Beanstalk. Now I want to add ssl certificate to enable https access on it.
I created a ssl certificate using ACM and I was folowing this! link to add it to my web app in Elastic Beanstalk.
But I could not find and anywhere in acm.
How can i find them??
You can only use ACM with CloudFront or Elastic Load Balancers. Since you don't have an Elastic Load Balancer in a single instance Elastic Beanstalk environment, you can't use ACM, unless you want to put CloudFront in front of it.