Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Amazon EC2 + SSL

Tags:

I want to enable ssl on an EC2 instance. I know how to install third party SSL. I have also enabled ssl in security group.

I just want to use a url like this: ec2-xx-xxx-xxx-xx.compute-1.amazonaws.com with https.

I couldn't find the steps anywhere.

It would be great if someone can direct me to some document or something.


Edit:

I have a instance on EC2. On Which I have installed LAMP. I have also enabled http, https and ssh in the security group policy.

When I open the Public DNS url in browser,I can see the web server running perfectly. But When I add https to URL, nothing happens.

Is there a way I am missing? I really dont want to use any custom domain on this instance because I will terminate it after a month.

like image 592
Neeraj Kumar Avatar asked Nov 12 '13 10:11

Neeraj Kumar


People also ask

How do I get an AWS EC2 SSL certificate?

There are three steps to install an SSL/TLS certificate on your EC2 Windows instance: Create a Certificate Signing Request (CSR) and request your SSL certificate. Install your SSL certificate. Assign the SSL certificate to your IIS deployment.

What is SSL in AWS?

SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. AWS Certificate Manager removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates.

Does Amazon use SSL or TLS?

Amazon Pay currently accepts TLS/SSL certificates with root certificates from any of the Certificate Authorities (CAs) listed on the Certificate Authorities (CA) Recognized by Amazon SNS for HTTPS Endpoints page.

Does AWS offer free SSL?

Public SSL/TLS certificates provisioned through AWS Certificate Manager are free. You pay only for the AWS resources you create to run your application.


2 Answers

For development, demo, internal testing, (which is a common case for me) you can achieve demo grade https in ec2 with tunneling tools. Within few minutes especially for internal testing purposes with [ngrok] you would have https (demo grade traffic goes through tunnel)

Tool 1: https://ngrok.com Steps:

  1. Download ngrok to your ec2 instance: wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip (at the time of writing but you will see this link in ngrok home page once you login).
  2. Enable 8080, 4443, 443, 22, 80 in your AWS security group.
  3. Register and login to ngrok and copy the command to activate it with token: ./ngrok authtoken shjfkjsfkjshdfs (you will see it in their home page once you login)
  4. Run your http - non https server (any, nodejs, python, whatever) on EC2
  5. Run ngrok: ./ngrok http 80 (or a different port if your simple http server runs on a different server)
  6. You will get an https link to your server.

Tool 2: cloudflare wrap

Alternatively, I think you can use an alternative to ngrok which is called cloudflare wrap but I haven't tried that.

Tool 3: localtunnel

A third alternative could be https://localtunnel.github.io which as opposed to ngrok can provide you a subdomain for free it's not permanent but you can ask for a specific subdomain and not a random string.

--subdomain request a named subdomain on the localtunnel server (default is random characters)

Tool 4: https://serveo.net/

like image 77
Tomer Ben David Avatar answered Oct 12 '22 02:10

Tomer Ben David


Turns out that Amazon does not provide ssl certificates for their EC2 instances out of box. I skipped the part that they are a virtual servers providers.

To install ssl certificate even the basic one, you need to buy it from someone and install it manually on your server.

I used startssl.com They provide free basic ssl certificates.

like image 21
Neeraj Kumar Avatar answered Oct 12 '22 03:10

Neeraj Kumar