
SSL/TLS Certificates for Lightsail? [closed]

AWS Certificate Manager (ACM) provides SSL/TLS certificates for AWS users. Does it apply to Lightsail users as well?

If not, are there any instructions or advice on setting up SSL certificates on a Lightsail server?

cdeng asked Dec 21 '16 22:12



2 Answers

As per the other answers, you cannot use AWS Certificate Manager to create and install certificates for Amazon Lightsail instances, or any other EC2 instances. However, you can create your own SSL/TLS certificates and install them manually. The Lightsail instance for WordPress is powered by Bitnami and Bitnami give exact instructions on how to create and install a free SSL/TLS certificate with Let's Encrypt.

https://docs.bitnami.com/aws/how-to/generate-install-lets-encrypt-ssl/

I completed this process successfully for lukejanicke.com but didn’t immediately get it working for www.lukejanicke.com.

lukejanicke answered Oct 05 '22 14:10


There is currently no mechanism for using ACM certificates with Lightsail instances.

But, there's also no mechanism for using ACM certificates directly on EC2 instances. They have to be behind a load balancer because ACM doesn't provide you with access to the certificate's private key.

You can only use ACM certificates with ELB/ALB and CloudFront.

Information visible in the instance metadata on Lightsail suggests that ELB/ALB might be a future feature there, which suggests it might be possible in the future... but for now, it isn't.

Of course, CloudFront works with any origin server -- EC2, Lightsail, even origin servers that aren't in AWS at all. (I have a server in my living room that works behind CloudFront). If you don't need encryption between CloudFront and your Lightsail machine -- just between the browser and CloudFront -- then you can configure this today, and use an ACM cert on CloudFront, with Lightsail as the origin server. The only issue there is that you would not be using the free outbound bandwidth allowance from Lightsail to the Internet -- you'd be using CloudFront outbound Internet bandwidth, which does not have a large free quota like Lightsail.

Michael - sqlbot answered Oct 05 '22 13:10
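
The CloudFront arrangement described in the answer above, sketched as a CloudFormation fragment. This is an added example, not part of the original answers; the domain names, account number and certificate ID are placeholders, and the origin hostname is assumed to be a DNS name that points at the Lightsail instance's static IP.

```yaml
# Added example. Placeholders: example.com, origin.example.com, the account
# number 111122223333 and EXAMPLE-CERT-ID. The ACM certificate must be
# requested in us-east-1, the region CloudFront reads certificates from.
Resources:
  SiteDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Enabled: true
        Aliases:
          # Every hostname served here must also be a name on the ACM certificate.
          - example.com
          - www.example.com
        Origins:
          - Id: lightsail-origin
            # Must be a DNS name (not a bare IP) and must differ from the
            # aliases above, otherwise requests loop back to CloudFront.
            DomainName: origin.example.com
            CustomOriginConfig:
              # As in the answer: TLS ends at CloudFront and the hop to the
              # instance is plain HTTP. Switching to https-only encrypts that
              # hop, but then the instance needs its own certificate (for
              # example the Let's Encrypt route from the other answer).
              OriginProtocolPolicy: http-only
              HTTPPort: 80
        DefaultCacheBehavior:
          TargetOriginId: lightsail-origin
          # Browsers arriving over HTTP are redirected to HTTPS.
          ViewerProtocolPolicy: redirect-to-https
          # AWS managed cache policy "CachingDisabled": pass requests through.
          CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
        ViewerCertificate:
          AcmCertificateArn: arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-CERT-ID
          SslSupportMethod: sni-only
          MinimumProtocolVersion: TLSv1.2_2021
```

With `http-only`, anything between CloudFront and the instance can read the traffic, so this layout fits only when that hop does not need to be encrypted.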