My parent domain is https & also with www. This certificate is purchased from comodo. I have two other sub-domains which I want to make https too.
Can I get a wildcard SSL from AWS (CouldFront) and use it for those sub domains?
Please let me know.
You cannot get a SSL certificate from AWS Cloud Front. You have to get that from AWS Amazon Certificate Manager (ACM). And yes you can get a wild card from AWS ACM and use that for your subdomains.
Related
I try to configure https on ALB with default amazon subdomain: some-unique-path.elb.amazonaws.com
The problem is that I can't find how to generate the ssl certificate for this domain: Amazon Certificate Manager does not allow to generate certificates for amazonaws subdomains.
Is there any way to make it without buying custom domain and configuring it for ALB?
To use ACM you must have domain which you control. From docs:
Before the Amazon certificate authority (CA) can issue a certificate for your site, AWS Certificate Manager (ACM) must verify that you own or control all of the domain names that you specified in your request.
There are some free domain providers which you could maybe use, but you have to have domain under your control. You can't use some-unique-path.elb.amazonaws.com, because this is AWS-owned domain and you have no rights to it.
I want to install certificate on Ec2 for domains and subdomains.
I'm running a website "www.example.in" on single EC2 instance which is in public subnet with public IP and also pointing some subdomains like "api.example.in", "dashboard.example.in" and "jenkins.example.in" to the same EC2 instance.
I thought to use ACM certificate to secure my website but ACM certificate can't be use directly on EC2 instance.
If i use third party tools like "let's encrypt". If I install certificate directly on EC2, will it block my subdomains or will impact on my website?
With ACM (Amazon certs)
https://aws.amazon.com/premiumsupport/knowledge-center/configure-acm-certificates-ec2/
Without ACM (bring your own cert)
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html
No, it will not block your website. "Let's encrypt" works just fine. I have worked with it.
Regarding your subdomains, you can create a wildcard certificate that can provide SSL for example.in and all subdomains (e.g. api.example.in, dashboard.example.in).
Let's Encrypt supports wildcard certs.
I have an app with a separate front end (AngularJS) and back end (Rails). They are hosted in separate AWS elastic beanstalk environments. We have purchased an SSL certificate via AWS which matches the domain name of the front end.
Our app involves completing a survey which includes submitting personal identifiable information.
Do I need an SSL certificate on both the front end and back end? Is it possible to use the same certificate for both? I am new to setting up these types of configurations and internet searches and AWS documentation have not helped.
Do I need an SSL certificate on both the front end and back end?
Yes
Is it possible to use the same certificate for both?
Yes
You need to request a free SSL certificate for your domain in the Amazon Certificate Management service (ACM). Once you have the certificate you can easily attach it to the load balancers in each of your Elastic Beanstalk environments by adding an HTTPS listener to the load balancers, and selecting the SSL certificate from the list it will present you.
When you request the certificate specify the root domain and a star wildcard for the subdomain. For example if your domain was example.com you would enter example.com and *.example.com in the SSL certificate request.
I brought a domain (not in AWS) and parked it on AWS. I also got a certificate in AWS Certificate manager, for a domain I use for a shopify store.
On the shopify admin, I see that SSL isn't available for the purchased domain.
Is there a way to connect the domain with the certificate if the server is actually on shopify ?
ACM certificates are only for use with CloudFront and Elastic Load Balancers. You could possibly setup a CloudFront distribution in front of your Shopify domain in order to use the certificate that way, but it's probably more trouble and expense than it is worth.
You might look at moving your DNS hosting to CloudFlare and using their free SSL service.
The SSL certificate generated from ACM are only for use into AWS service who you cannot move move that certificate to a Shophify server. Please refer this.
https://aws.amazon.com/certificate-manager/faqs/
When I deploy apps on Google App Engine, they automatically get use of the appspot.com wildcard SSL cert allowing me to have https secure URLs.
Does AWS give you this option, or is installing your own SSL cert the only option?
Amazon only provides free SSL certs through the ACM service, which is currently restricted to CloudFront distributions and Elastic Load Balancers that you have configured with your own custom domain name.
There are other ways to obtain a free SSL cert if you own your own domain name, such as CloudFlare and Let's Encrypt.