Reputation: 21
My team is creating an app that involves sharing bank details. For a feature that involves instant verification of bank accounts, we have used a third-party vendor, Dwolla, who provide a secure interface for entering the bank account details. This is from Dwolla: https://developers.dwolla.com/resources/dwolla-js/instant-account-verification.html
Our app is hosted on an AWS server, an EC2 instance on IIS, with S3 storage.
First, do I need to install SSL on the AWS server? If yes, how should I do it?
I have been looking for answers everywhere, but I can't find an exact resolution.
Please help.
Upvotes: 1
Views: 6294
Reputation: 2805
How to install the SSL certificate depends on some specifics of your environment:
If you use a single instance with IIS, you must acquire an SSL certificate from an external CA. It will cost you some money, and they will guide you through requesting and issuing the certificate. Once the certificate is issued, you'll need to upload it to your OS and configure IIS to use it;
If you use a pool of instances behind a load balancer provided by AWS, you can request a certificate from AWS for free and configure the load balancer to use the issued certificate (https://aws.amazon.com/certificate-manager/?nc1=h_ls).
If you do not use an AWS load balancer, you can create an AWS CloudFront Distribution (https://aws.amazon.com/cloudfront/), use your IIS as the origin and configure your free AWS certificate in the distribution.
Upvotes: 7
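The single-instance case from the answer above (upload the CA-issued certificate to the OS, then configure IIS to use it), as an added example that is not part of the original answer. The site name, host name and PFX path are placeholders, and the certificate is assumed to have been exported from the CA as a PFX file with its private key.

```powershell
#Requires -RunAsAdministrator
# Added example: import a CA-issued PFX and bind it to an IIS site on port 443.
Import-Module WebAdministration

$siteName = 'Default Web Site'               # assumption: IIS site to secure
$hostName = 'app.example.com'                # assumption: placeholder host name
$pfxPath  = 'C:\certs\app.example.com.pfx'   # assumption: placeholder PFX path

# Prompt for the PFX password instead of hard-coding it in the script.
$pfxPassword = Read-Host -Prompt 'PFX password' -AsSecureString

# Import into the machine store, where IIS looks up server certificates.
$cert = Import-PfxCertificate -FilePath $pfxPath `
    -CertStoreLocation 'Cert:\LocalMachine\My' -Password $pfxPassword

# Refuse to bind a certificate that cannot serve TLS.
if (-not $cert.HasPrivateKey) {
    throw 'Certificate was imported without its private key.'
}
if ($cert.NotAfter -lt (Get-Date)) {
    throw "Certificate expired on $($cert.NotAfter)."
}

# Create the HTTPS binding if it is missing. SslFlags 1 enables SNI, so
# several host names can share port 443 on the same instance.
$binding = Get-WebBinding -Name $siteName -Protocol https -Port 443 -HostHeader $hostName
if (-not $binding) {
    New-WebBinding -Name $siteName -Protocol https -Port 443 `
        -HostHeader $hostName -SslFlags 1
    $binding = Get-WebBinding -Name $siteName -Protocol https -Port 443 -HostHeader $hostName
}

# Replace any certificate already attached to this binding, then attach the new one.
if ($binding.certificateHash) {
    $binding.RemoveSslCertificate()
}
$binding.AddSslCertificate($cert.Thumbprint, 'My')

# Show the resulting HTTPS bindings for a quick check.
Get-WebBinding -Name $siteName -Protocol https |
    Format-List bindingInformation, certificateHash, sslFlags
```

The EC2 security group attached to the instance must also allow inbound TCP 443, or the binding will not be reachable from outside.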
Reputation: 586
We've been using Certify (https://certifytheweb.com) with no issues on IIS. Free for less than 3 domains, cheap for up to 100 domains. We use this on all our servers. Turnkey solution with great debugging tools.
Upvotes: 0
Reputation: 1842
We started using PKISharp win-acme to get free Let's Encrypt SSL certificates for our IIS in EC2 and it works like a charm, auto-renews every 2-3 months without issue, very easy to set up from a "dos" prompt (run as administrator)...
To help pkisharp do its job, keep your 80 and 443 bindings on the same site; you can configure a "url rewrite" rule to redirect all 80 requests to 443.
The tool will add a task in the Windows scheduler to handle the auto-renew.
Upvotes: 1