Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

elasticbeanstalk ssl without custom domain

Tags:

I'm trying to enable SSL on a Token Vending Machine hosted on Amazon Elastic Beanstalk. However, it tells me I need an SSL certificate if I try to enable a port 443 listener.

This would make sense if I had my own domain, but this is a system machine giving out tokens to a mobile app. The URL is of the form mytvm.elasticbeanstalk.com and will never be seen by an end user so there's no need to get a custom domain.

Is it possible to enable SSL without the hassle of setting it up on a custom domain name? Pretty much every host I've used before had a wildcard SSL certificate for stuff you ran on a subdomain of their main host. In other words I would expect Amazon to have had setup a wildcard certificate for *.elasticbeanstalk.com. Is this not the case?

like image 218
houbysoft Avatar asked Aug 16 '13 23:08

houbysoft

People also ask

How do I enable SSL on Elastic Beanstalk?

To do this, navigate to the Configuration Tab of your Elastic Beanstalk App. There should be a new card labelled Load Balancer. In order to add the certificate, we'll need to open up port 443 (SSL Port) and assign our certificate.

1 Answers

The name of your app can be your 'custom domain', i.e, mytvm.elasticbeanstalk.com.

If you are using a load-balancer with your elastic beanstalk application you can make use the directions here and use openssl to create your own cert. When you've installed openssl and the elastic beanstalk command line interface you can follow the steps by entering your domain name as 'mytvm.elasticbeanstalk.com'

Using the following commands:

C:\>openssl genrsa 1024 > privatekey.pem Loading 'screen' into random state - done Generating RSA private key, 1024 bit long modulus....  C:\>openssl req -new -key privatekey.pem -out csr.pem Loading 'screen' into random state - done You are about to be asked to enter information that will be incorporated....  Country Name (2 letter code) [AU]:us State or Province Name (full name) [Some-State]:yourstate Locality Name (eg, city) []:cityname Organization Name (eg, company) [Internet Widgits Pty Ltd]:youname Organizational Unit Name (eg, section) []: your Common Name (e.g. server FQDN or YOUR name) []:**mytvm.elasticbeanstalk.com** ...  C:\>openssl x509 -req -days 365 -in csr.pem -signkey privatekey.pem -out server.crt  C:\>iam-servercertupload -b server.crt -k privatekey.pem -s server -v

Next change your setting to use 443.

like image 169
onlymybest Avatar answered Dec 31 '22 15:12

onlymybest
Sign in to Comment

Related questions

Mac OS X app crash with Code Signature Invalid error
Chrome Developer Tools / debugger: "pretty print" does not work
How to set memory limit in RStudio (desktop version)?
Hibernate - Difference between bytecode instrumentation and bytecode enhancement?
Attempted to finish an input event but input event receiver has already been disposed
WebApi Put how to tell not specified properties from specified properties set to null?
iOS CI fails with "CoreUI: CUICatalog: couldn't get 'kMGArtworkGraphicsFeatureSetFallbacks' from MGCopyAnswer got"
CompletableFuture, mutable objects and memory visibility
WatchOS: Should UI updates from the extension be called on the main thread?
PHP-FPM crashes when having too many users while doing a heavy job
What is the logic behind this result?
HttpSession null after replacing AuthorizationRequest

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!