Reputation: 18719
Creating own SSL on AWS and domain name
I would like to create an SSL with AWS.
I am using Elastic Beanstalk in the following way:
https (ssl cert) -> www.mydomain.com -> http -> my-beanstak.eu-central-1.elasticbeanstalk.com
However, now I would like to add another layer of security, and do the following:
https (ssl cert) -> www.mydomain.com -> https (ssl cert amazon) -> my-beanstak.eu-central-1.elasticbeanstalk.com
So know based on article found here I am on in the point where I am creating SSL via Amazon.
My question is:
What should I put into domain name in the certificate manager? Should it be
- my-beanstak.eu-central-1.elasticbeanstalk.com
or
- www.mydomain.com (if so, why?)
or
- something else..
Upvotes: 0
Views: 70
Answers (1)
Reputation: 179194
None of the above.
Amazon Certificate Manager only provides you with a certificate for the outside (your domain, on the ELB external interface), not the inside (between the ELB and the instance).
For end-to-end SSL (which is what your desired scenario is called), you have to provide the inner-certificate yourself. But, it can be self-signed without consequence, since the browser never sees it and the ELB already knows it and thus doesn't need to validate it with a trusted CA.
See http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-endtoend.html
Upvotes: 2
Related Questions
- How to Configure SSL for Amazon S3 bucket
- AWS S3 url with CNAME compliant virtual name
- SSL for default Amazon EC2 domain
- SSL AWS EC2 backend with S3 frontend
- How to get ssl certificate working with custom domain using aws s3 bucket?
- Set up HTTPS on AWS S3 without using a custom domain
- ssl certificate for aws
- Applying SSL Certificates using AWS / EC2
- HTTPS on Amazon EC2 for OwnCloud
- SSL on Amazon S3 as "static website"