Reputation: 2846
Hi, I was able to use AWS's canned SSL cert on an AWS load balancer that listens for incoming HTTPS traffic on 443 and returns HTTP on 80 (I was not able to return HTTPS over 443; their documentation refers to nonexistent buttons).
When I go to https://example.com, my site loads fine and shows the green HTTPS security tag by the URL.
However, when I go to my load balancer's address, which looks like
https://load-balancer-xxxxxx.us-east-1.elb.amazonaws.com/index.html
I see a webpage that says
Your connection is not private
Attackers might be trying to steal your information from load-balancer-xxxxxx.us-east-1.elb.amazonaws.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
I am wondering if this means my SSL and HTTPS communication over https://example.com is not safe? Or what does this error really mean in terms of what I should be concerned about?
Is the error due to the fact that the certified URL for my site does not contain the domain *.amazonaws.com?
If so, should I consider making my SSL certificate for both my domain.com and *.amazonaws.com?
Upvotes: 1
Views: 4722
Reputation: 2888
Your communication is safe if you use https://yoursite.example.com. If you go to *.amazonaws.com, however, then your browser is not able to make sure that this is your real website, because your certificate does not cover this domain.
So to make it short: just use the example.com address (and not the other one) and this is all safe.
Upvotes: 3
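The name check behind NET::ERR_CERT_COMMON_NAME_INVALID, as an added example that is not part of the original question or answer: a simplified version of the hostname matching a browser performs against a certificate's DNS names. The SAN list is constructed for illustration, and the function names are hypothetical.

```python
# Added example: simplified RFC 6125-style hostname matching.
# It covers only the name comparison, not chain building or expiry checks.

def _labels(name):
    # DNS names are case-insensitive; a trailing dot denotes the root.
    return name.rstrip(".").lower().split(".")


def name_matches(pattern, hostname):
    """True if one certificate dNSName entry covers the requested hostname."""
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h):
        # "*" stands for exactly one label, never several.
        return False
    if p[0] == "*":
        # Wildcard must be the whole left-most label and needs at least
        # two fixed labels after it (so "*.com" never matches).
        return len(p) >= 3 and "*" not in "".join(p[1:]) and p[1:] == h[1:]
    # Partial wildcards such as "w*.example.com" are rejected outright.
    return "*" not in pattern and p == h


def cert_covers(san_dns_names, hostname):
    """Return the SAN entry covering hostname, or None (the browser error case)."""
    for entry in san_dns_names:
        if name_matches(entry, hostname):
            return entry
    return None


# Constructed SAN list standing in for the certificate on the load balancer.
SAMPLE_SANS = ["example.com", "*.example.com"]
# Placeholder ELB name exactly as written in the question.
ELB_NAME = "load-balancer-xxxxxx.us-east-1.elb.amazonaws.com"

if __name__ == "__main__":
    for host in ("example.com", "www.example.com", "a.b.example.com", ELB_NAME):
        hit = cert_covers(SAMPLE_SANS, host)
        print(f"{host}: {'covered by ' + hit if hit else 'NAME MISMATCH'}")
    # Even a hypothetical "*.amazonaws.com" entry would not cover the ELB
    # name, because the wildcard spans one label and the ELB name has five.
    print(name_matches("*.amazonaws.com", ELB_NAME))
```

The mismatch on the ELB name is a property of the URL typed into the browser, not of the TLS session served for example.com. Public CAs issue only for names whose control the requester can prove, so the practical fix is to reach the balancer through a DNS name under your own domain.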