How to download AWS certificate to use it with NodeJS

Question

I'm struggling with AWS to enable https systematically. I requested a certificate through the certificate manager, and then have the ELB and Security Group listen to HTTPS and port 443.

But I also need my server on the AWS instance to listen to https request on the 443 port, right? My server is running with NodeJS and Express. From what I understood, I'd need to have a certificate (.crt) file and key to do it correctly, but I didn't find out how to download them from AWS Certificate Manager.

Did anyone faced this problem before? Thanks all!

Answer 1

I also need my server on the AWS instance to listen to https request on the 443 port, right?

Nope, you enable the certificate on the ELB. SSL termination happens on the ELB, and communication between the ELB and your NodeJS server occurs over HTTP inside your VPC. The ELB will send a special HTTP header X-Forwarded-Proto to your NodeJS server, which you can check if you need to know if the connection between the ELB and the client is over HTTP or HTTPS.

You can't download certificates generated by Amazon's ACM service. You can only use them via Load Balancers or CloudFront distributions.

Answer 2

No, You cannot download the certificate, instead of that you can configure your Apache. for configuring https open /etc/apache2/sites-available/default-ssl.conf and add this lines to that file.

<Location /subDomain>
  ProxyPass http://localhost:port
  ProxyPassReverse http://localhost:port
</Location>

after adding restart your apache. And open the browser and check https://yourdns.com/subDomain