I am trying to use my Spring Boot app over HTTPS in EC2. I could make this work, but the issue that I have that when I am acceding my service over the browser, is that the certificate that I am using is not secure, because I created in my PC.
I converted my .p12
certificate (that I am using in Spring Boot) to PEM, then I imported into AWS Certificate Manager, but I dont know where I have to set it up this certificate, to make my request secure over the browser.
In Chrome tab appears "Not Secure" at the left of the domain, I want to make my request secure. Where I have to set my imported certificates?
There are three steps to install an SSL/TLS certificate on your EC2 Windows instance: Create a Certificate Signing Request (CSR) and request your SSL certificate. Install your SSL certificate. Assign the SSL certificate to your IIS deployment.
AWS Certificate Manager can only be used with AWS Load Balancers, Cloud Front distributions, and API Gateway. You can't use it directly with an EC2 instance, you have to place one of those 3 services in front of the EC2 instance to use AWS Certificate Manager.
Also, AWS Certificate Manager by itself will not make your "Not Secure" error go away. You have to use a valid SSL certificate for the domain name. Since you can only create an SSL certificate for a domain name that you own or otherwise have control over, you need to first point your domain name at the AWS resource you want to use, then install the SSL certificate. Using a "self-signed" certificate like the one you have currently created will always result in a "Not Secure" error in all major web browsers.
One option is to point your domain to an AWS Application Load Balancer, then generate a free SSL certificate for your domain in AWS Certificate Manager and attach that SSL certificate to the load balancer, using the load balancer for SSL termination. Another option would be to purchase an SSL certificate for your domain from somewhere, or use Let's Encrypt to generate a free SSL certificate for your domain on the EC2 server, then point your domain name directly to the EC2 server.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With