Reputation: 688
Adding SSL to AWS Beanstalk
My AWS certificate is not showing as an option in the SSL certificate ID dropdown. I believe that this is required to force the Elastic Beanstalk to use HTTPS. I am using an AWS issued cert. Here are the steps from the manual that I am following.
To assign a certificate to your environment's loadbalancer
1) Open the Elastic Beanstalk console.
2) Navigate to the management console for your environment.
3) Choose Configuration.
4) In the Network Tier section, choose the gear icon next to Load Balancing.
5) In the Load Balancer section, choose your certificate from the SSL certificate ID drop down menu.
Upvotes: 5
Views: 1616
Answers (3)
Reputation: 1795
Because you created the certificate in a different zone than the Load balancer, as per Amazon docs, the certificate and elb have to be in the same zone.
Upvotes: 0
Reputation: 688
As of May 23rd, AWS has added support for using certs obtained from the AWS Cert Manager in your Elastic Beanstalk. Below is the press release from their May 31st AWS Announcements:
AWS Elastic Beanstalk Supports AWS Certificate Manager Posted On: May 23, 2016
You can now use SSL/TLS certificates provisioned from AWS Certificate Manager with your AWS Elastic Beanstalk environments by selecting a certificate from the Elastic Beanstalk console. This helps you easily secure network communications between your Elastic Beanstalk applications and end users.
AWS Certificate Manager (ACM) is a service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services. SSL/TLS certificates provisioned through AWS Certificate Manager are free. You pay only for the AWS resources you create to run your application.
You can start choosing ACM certificates for your Elastic Beanstalk applications from the Elastic Beanstalk console or with the EB CLI, SDKs, and APIs. Read our documentation to learn more. You must provision a certificate from ACM before you can use it with Elastic Beanstalk. To get started with ACM, visit here.
Upvotes: 1
Reputation: 688
My problem was I trying to use the cert i commissioned through AWS (they allow you to do this) through their cert manager, I was trying to use that on my EC2 instance. I'm not sure that Amazon is aware of this but the AWS granted cert is NOT available in the dropdown list in your Elastic beanstalk instance networking configuration load-balancer option (but it is available when you edit the EC2 load balancer). As it turns out ... you must create and upload your own cert to make both options work.
- STEP 1: EC2 Dashboard
- Goto Load Balancers
- Goto Listeners Tab
- Press Edit
- Press Add
- Enter
- LoadBalancer Protocal = HTTPS
- Load Balancer Port = 443
- (leave Instance Protocol default)
- Press Change on SSL Cert
- Add your Private & Public Key
- Press Save
NEXT...
- STEP 2: Elastic Beanstalk Dashboard
- Goto your Beanstalk instance
- Goto Configuration
- Goto Load Balancing (under Network Tier)
- On Secure listener port, set Protocol to "HTTPS"
- On SSL certificate ID Dropdown to your cert
Upvotes: 2
Related Questions
- AWS classic load balancer listener isn't created, then disapears
- How to force https on elastic beanstalk?
- AWS Certificate Manager Certificate is not visible to AWS Beanstalk from Console
- Add SSL to web app built using aws eb cli
- AWS Certificate Manager (ACM Certificate) with Elastic Beanstalk
- Https on Elastic Beanstalk Without Load Balancer
- AWS Elastic Beanstalk Namecheap SSL Configuration