Reputation: 11
Amazon Certificate Manager SSL for an ELB with Https listener in another account
I have 2 AWS accounts. My domain is configured with a hosted zone in account A and I have an ELB in account B that must have a HTTPS listener. I want to create a record to my ELB in account B for my domain which has to be configured in account A.
I know that I can create an Alias record for my hosted zone (type: IPv4 - From my account B) and I simply paste in the DNS name into the text field.
The problem is when I need to create a HTTPS listener in that ELB in account B, the domain certification (Route 53) from the account A can't be transferred to account B because it was created by AWS.
Is there some solution to use the same domain certification from account A in account B? If not, could I create another domain certification (Route 53) using the same domain in account B without destroying the domain certification of the account A?
Here there are more explanations about my problem: =>>>> I created a new account B to transfer my Developmnet and QA instances and keep the instance of production in the account A.
In the account A i have an Amazon Certificate Manager SSL for the registred domain. In the route 53 this domain is registred in a hosted zone (*.mydomain.com) . All subdomain dev.mydomain.com, qa.mydomain.com etc are in that hosted zone.
My instances use HTTPS through the ELB's. This ELB's have listener with TCP and SSL inbounds.
To do that we need the Amazon Certificate Manager SSL for the SSL inbound.
I'm trying to use these subdomains dev.mydomain.com and qa.mydomain.com in the account A with the transfered EC2 Developmnet and QA instances to the account B.
I created new ELB's in the new account B to provide HTTPS protocols like i made in the account A. When i try to create the SSL listener i need an Amazon Certificate Manager SSL. Could i transfer the Amazon Certificate Manager SSL from the account A to provide the ELB listener and use the subdomains of the account A ?(dev.mydomain.com, qa.mydomain.com ).
Is there some tip to transfer this Amazon Certificate Manager SSL to the account B or i have to create another domain and another Certificate Manager SSL to achieve my target?
Can i create another Certificate Manager SSL using the same domain from the account A? This new Certificate Manager SSL could produce some colateral fails in the account A that use the fisrt Certificate Manager SSL?
Upvotes: 1
Views: 531
Answers (1)
Reputation: 1048
You should go to Amazon Certificate Manager in account B and request a new certificate there. It will not affect the certificate for account A.
Use that new certificate in the ELB on account B + use a CNAME in route 53 on account A.
Upvotes: 0
Related Questions
- ELB to backend server using HTTPS with self-signed certificate
- Issue a certificate in a different account than the domain
- Certificate authority SSL using AWS load balancer
- SSL certificate for ALB on amazonaws subdomain?
- Add HTTPS Listener to Application Load Balancer
- Setting up HTTPS for ELB and EC2
- SSL certificate for AWS internal load balancer
- Can I use AWS own ELB certificate for HTTPS/SSL connection?
- Application Load Balancer (ELBv2) SSL pass through
- AWS Certificate Manager for ELB pointing to a Apache Server Running on EC2