This is the situation:
I have a subdomain (i.e sub.domain.com) which has a cPanel and the domain namerserver must not be changed at all.
I have a classic load balancer in AWS with ec2 instances inside it that is already set up with Amazon Certificate Manager for its SSL Cert (cert DNS validated and in use).
Currently I added an A record in the subdomain that refer to IP address of one of the EC2 Instance, the problem is the EC2 does not come with the SSL Cert therefore could not access the site with https:// and I could not find anywhere on how to refer this subdomain to my load balancer with the cert so that the site can be opened with https://
Have tried various combinations in the subdomain record, A record also only allow IPv4 address while the ELB DNS is not.
Does anyone know how to connect my subdomain to my ELB? Thanks a lot in advance
Your certificate (AWS Certificate Manager) is probably set to ONLY for the primary domain (domain.com), to fix this your certificate needs to slow down the subdomains as well, so I recommend creating a certificate for * .domain.com
After creating the certificate you will still have to bind it to Elastic Load Balancing.
More information: https://docs.aws.amazon.com/en/acm/latest/userguide/acm-certificate.html
Related
I have a Classic load balancer configured on my AWS webservices at xxx-xxx.amazonaws.com
and have also added route 53 to configure. But it seems there is no traffic moving from my domain to load balancer DNS. Need Help.
On my EC2 Server, I have added a MERN Stack application and used nginx to route the traffic from :80 to :8080. Next, a Elastic IP address is added to ec2 server.
A certificate is created using AWS's ACM and attached to the classic load balancer.
The domain records are handled by AWS's route 53. Domain name is aamchymumbai.com.
Thank you!
I did get a fix using CLoudfare.
Another follow up question, I have now. How to can I redirect domain.com to ec2-server.com:8080 and sub-domain.com to ec2-server.com:5000 using nginx + cloudfare?
I'm new to AWS and hoping someone can answer my question here. I've created a web server on an EC2 instance and installed Craft CMS on it. I've requested a public certificate from Certificate Manager, and put the CNAME in the route53 hosted zone for the domain name. The certificate is attached to the Load balancer I attached to my EC2 instance. If I set up cloudfront with all this my website is still showing up as insecure (meaning I'm not doing something right). How should I go about connecting cloudfront to my EC2 instance? With or without the load balancer. I only have one instance running so I don't really need the load balancer either. Thanks!
Just to clarify what you are trying to accomplish: 1) You have one or more EC2 instances, presumably in an auto-scaling group; 2) Those EC2 instances are set as targets for your ELB; 3) You have a certificate that is valid for your ELB hostname, let's call it elb.mydomain.com.
And now you are trying to setup CloudFront with the ELB as the origin?
Starting with the CloudFront certificate: Is the certificate also valid for your CloudFront hostname (let's call it www.mydomain.com)? If not, you will need to create and validate another cert for www.mydomain.com.
Second, the CloudFront distribution must be configured to use a certificate that is valid for the hostname you want to use. You must also include the hostname as an alternate domain name in the CloudFront distribution. Then make sure your route53 CNAME entry points from your desired hostname to the CloudFront distribution, which will be something like d18sdfijsilj.cloudfront.net.
I have a simple AWS setup of 2 VMs hosting a WebApp. An Application Load Balancer is in-front of these machines. I can access the DNS name of the Load Balancer and can reach to the WebApp.
Now, I want to connect to my app with a domain name hosted on Godaddy. I tried to simply create CNAME (as no Elastic IP on Application LB) with the LB's DNS name, but it didn't work.
What am I missing ? I tried with godaddy support but already wasted 7 days with not solution.
I want to put SSL certificate also on ALB. Should I be aware of anything specific in this setup?
The problem was, I was trying to CNAME for root level domain. Now, I created an alias in Route 53 and used AWS's nameservers on Godaddy to forward request there.
I have a Wordpress website with a GoDaddy domain being hosted on SiteGround using the nameservers. I am looking to switch to a React App which is currently running on an EC2 instance in AWS. I want to run the ec2 instance (aka the react app) on a subdomain like beta.domain.com inside SiteGround while still keeping the Wordpress website since its a part of my business. I tried creating a subdomain in SiteGround and then pointed it to my EC2 instance elastic IP (the public ipv4) using an A record but it is showing "This site can't be reached" error once I go to beta.domain.com.
What am I doing wrong? How do I run the EC2 instance in a subdomain hosted in SiteGround?
EDIT
Thank you, everyone, for your help. The problem was the SSL certificate for the HTTPS. The website wasn't coming on due to the HTTPS setup on the Nginx on the EC2 instance. After I put in the details of the certificate it runs properly with just the A record.
Any public address in the AWS environment are never accessible from outside the security groups. Even if you try to ssh from your own machine and if it is not in the inbound rule of the security group of your EC2 instance. I feel there are 3 ways out here.
1.) Adding an all traffic rule in your EC2 Security group inbound rule. This is not recommended as it opens all traffic to your machine.(additional tip: set up secure ssh key with the machine)
2.) Use an ELB to route traffic to your EC2 instance. ELB will provide you with a DNS record which can be used an a CNAME in godaddy(Point 3 shows how to map it as a A record in GoDaddy)
3.) Using Route 53 Hosted Zones - You could delegate your DNS to be managed by AWS Route 53. This way all traffic will be routed to your machine by AWS R53.
Another tip: Elastic IP can also be used which are like permanent static IP Addresses accessible from across internet. This provided a secure communication method to your instances.
Let me know what could be the favorable solution for you. I could help you out further
If you have registered your domain name with Goaddy, you can create subdomain in Godaddy as CNAME and point it to static IP address of your ec2 instance. Here is a link to guide you.
Also your main domain name will point to your Wordpress website on SiteGround.
Now that you have EC2 instance, you can also run a wordpress site on that instance if you like.
I have a webserver running on a AWS EC2 instance (has an elastic IP) that can be accessed over my own domain (www.xy.ch) via http. Now, I need to access the webserver via https and so I created a certificate for my domain (www.xy.ch), uploaded it to AWS Certificate Manager and added the certificate to a Load Balancer connected with my EC2 instance.
This seems to work so far. When I target the DNS name of my Load Balancer (xyz.eu-central-1.elb.amazonaws.com) with a https in front, I can access my webserver. But the certificate is flagged invalid, because its common subject name (my domain name: www.xy.ch) does not match the input (DNS name of Load Balancer: xyz.eu-central-1.elb.amazonaws.com).
But now, I have no idea how to proceed so that I can access my webserver with https over my own domain (www.xy.ch). It does not work at the moment, so I obviously miss a configuration step, but I really don't understand what.
How can I connect my own domain with the Load Balancer's DNS?
I did some research and tried to understand the answers of similar cases (e.g. Assigning Static IP Address to AWS Load Balancer), but could not find a solution for my case.
The solution was indeed to delete all DNS entries pointing to the IP of the webserver and redirecting everything DNS wise over the Load Balancer. Credits to Mark B!