I have developed Facebook canvas app and for canvas App HTTPS and SSL certificate is required. I am planning to purchase SSL certificate but i don't know requirement of Facebook canvas app SSL certificate.My app may be hosted on subdomain or subdomain sub-directory. Please guide me which certificate is better for me.
If you want to secure sub-domain and its sub-directories, you can get multi domain SSL certificate.
Multi domain SSL Certificate will protect domain in following scenarios:
example.com
*.example.com
*.abc.example.com
*.example.net
*.abc.com.au
You can secure up to 100 domains with this certificate.
Related
I have a React.js web app deployed via Google Firebase hosting. I also have an express Rest API deployed via AWS EC2. I have been so far unable to get the React app to interact with the express API because it is using HTTP. I tried to get all the SSL/cert stuff figured out to enable HTTPS on the backend but it seems like it will not work because the cert is not signed by a Certificate Authority.
Is there any workaround or other solution here? Thank you in advance.
A web browser will not accept a self-signed SSL certificate. In order to generate a legitimate SSL certificate you must first own a domain name.
You need to purchase a domain, and point your domain or subdomain to the EC2 instance. Then you need to create an SSL certificate that actually matches that domain name or subdomain, using an SSL provider like Let's Encrypt that will actually be accepted by modern web browsers.
Finally you will need to use that domain name in your API calls.
You could place a Load Balancer, or CloudFront distribution, or AWS API Gateway, in front of the EC2 server, at which point you could use a free AWS ACM SSL certificate.
If you don't want to purchase a domain name, you could still place CloudFront or API Gateway in front of the server and use their default endpoint which will also provide SSL.
I'm creating a simple website. The frontend is stored in S3, and hosted by Cloudfront. I managed to add a trusted SSL certificate to my frontend domain (www.xyz.com) using AWS Certificate Manager.
The backend is running on an EC2 instance. I added a self-signed certificate to it. I'm able to hit the APIs using Postman but the requests from frontend are failing because of the self-signed certificate.
I checked the AWS Certificate Manager again if it could provide me with a cert for my backend server, but it requires a domain. My server is running on an IP and port, and I couldn't find any service that provides a certificate for an IP. I don't want to spend extra money to get a domain for my backend.
So how do I get a trusted SSL certificate for a backend server, running on something like 10.12.12.10:9000?
couldn't find any service that provides a certificate for an IP.
This is because you need domain to obtain valid public certificate. You can't register SSL cert for an IP. But if you already have your own domain www.xyz.com, you can get a certificate for its subdomain, e.g. api.xyz.com.
However, ACM certs can't be used on instances. Thus, you need to get a valid public SSL cert from a third party. A popular choice is https://letsencrypt.org/ with certbot which provides free SSL certificates. By the way, StackOverlow is using letsencrypt for its SSL cert provider, thus its widely used and trusted ssl provider.
I've deployed my Django app on AWS Elastic Beanstalk Linux instance. I've used Route 53 to point it to a custom domain from GoDaddy.
Now I want to use SSL for my website.
I don't want to use Load Balancers for SSL since I'm using only 1 instance and it's costly to pay $18/month.
So what I did is using Let's Encrypt SSL by adding 00_apache_ssl.config file in my .ebextensions folder.
I've followed this tutorial to use the SSL. My SSL is working perfectly for Elastic Beanstalk URL. But the problem is it's not working for my custom domain.
My EB Url is showing secure connection while it's custom domain is showing Insecure connection.
What I'm lacking of? Do I need to do some changes in Route 53 Record sets as well?
Thank you.
Edit 1: My custom domain is showing the Let's encrypt certificate as Invalid Certificate.
According to your tutorial, you have got an SSL certificate for your elasticbeanstalk domain, not your custom domain.
If you want to access your website via your custom domain with https (for e.g https://my-cust-doamin.com), you have to get a certificate for your domain.
You can obtain SSL certificate from any provider who sells SSL certificates.
Note: You can also get a wildcard certificate(*.my-cust-domain.com), which could be used with any of your sub domains.
reference:
https://rickchristianson.wordpress.com/2013/10/31/getting-a-django-app-to-use-https-on-aws-elastic-beanstalk/
I brought a domain (not in AWS) and parked it on AWS. I also got a certificate in AWS Certificate manager, for a domain I use for a shopify store.
On the shopify admin, I see that SSL isn't available for the purchased domain.
Is there a way to connect the domain with the certificate if the server is actually on shopify ?
ACM certificates are only for use with CloudFront and Elastic Load Balancers. You could possibly setup a CloudFront distribution in front of your Shopify domain in order to use the certificate that way, but it's probably more trouble and expense than it is worth.
You might look at moving your DNS hosting to CloudFlare and using their free SSL service.
The SSL certificate generated from ACM are only for use into AWS service who you cannot move move that certificate to a Shophify server. Please refer this.
https://aws.amazon.com/certificate-manager/faqs/
I'm replacing a current https webservice.
The webservice and clients have the current SSL certificate. The cert was issue to example.test.local, which correlates to the domain of the web service:
https:\example.test.local:4434\test\example.svc
I'm replace the current web service and domain address it uses:
https:\example1.test.local:4434\test\example2.svc
Can I reuse the original SSL certificate with my new web service URL?
Thanks for any help.
If your certificate is not issued for the new domain example1.test.local, then you can't use it. Client apps won't trust it and show a warning about wrong domain to users.
You need a new certificate.