Reputation: 10581
SSL Certificates On Elastic Beanstalk Default Setup
I'm in the process of moving from another cloud provider. Currently I'm just testing in the default environment that has a url looking like this:
http://example-env-1.us-east-1.elasticbeanstalk.com
I'm trying to get SSL/HTTPS working for this address. I then plan using a CNAME to redirect to this address and eventually move the nameservers over completely.
However, after setting everything else up successfully I get to the point of adding the certificates and it just says "failed":
And even though I have my actual "example.com" ssl certificate successfully issued nothing shows up in the load balancer certificate selection dropdown (and yes I have refreshed):
How do I enable SSL using the Certificate Manager?
Upvotes: 11
Views: 5047
Answers (2)
Reputation: 13696
That's because you are trying to request a cert for the elasticbeanstalk.com domain. You will not be able to get a cert for that domain as you are not the owner of it :). Nor can you setup https for the default elastic beanstalk domains they give you.
You should use ACM to get a certificate for your custom domain, the one you plan on making a CNAME record for.
Example:
If you were to own say the domain amyneville.com. You could create a cert through ACM for that domain.
If you use your custom domain, you do NOT need a to get a cert for the elasticbeanstalk.com domain.
A couple more things:
You cannot create a CNAME record on a TLD (amyneville.com). You can create the CNAME record for www.amyneville.com. So if you want to use the CNAME approach you will have to create a non-www redirect to www..
But better then a CNAME would be to use an A record and point it to the elastic beanstalk resource that was setup. So the load balancer that was created for you, use it's A record.
Last but not least, you cannot apply the ACM cert through the elastic beanstalk console. Instead you will have to use the AWS CLI tools. Here's a link on how to do it: https://stackoverflow.com/a/35173500/1445460
Upvotes: 10
Reputation: 121
I was looking for this myself and found this useful blog post from one of the Amazon team ...
Whilst you can't use the console to select the certificate as stated in your question you can use the Elastic Beanstalk CLI to set the certificate to one you have created in Certificate Manager.
Upvotes: 1
Related Questions
- AWS Elastic Beanstalk load balancer not showing SSL certificate
- AWS Elastic Beanstalk Loadbalancer SSL CloudFront Angular SpringBoot
- SSH to Elastic Beanstalk instance
- Configuring SSL for subdomains that use Elastic Beanstalk and LightSail
- SSL on Elastic Beanstalk
- AWS Elastic Beanstalk Namecheap SSL Configuration
- Elastic Beanstalk - ExpressJS - Https Certificate not appearing