Dieser Inhalt ist in der ausgewählten Sprache nicht verfügbar

Wir arbeiten ständig daran, Inhalte in der ausgewählten Sprache bereitzustellen. Vielen Dank für deine Geduld.

How do I add multiple SSL certificates to the Application Load Balancer in my Elastic Beanstalk environment?

Lesedauer: 2 Minute

I want to add additional SSL certificates to the Application Load Balancer in my AWS Elastic Beanstalk environment.

Short description

The Application Load Balancer supports multiple SSL certificates, but the SSLCertificateArns option setting in Elastic Beanstalk accepts only one certificate per listener.

To add additional SSL certificates to your Application Load Balancer, you must create a resource-based .ebextension.

Resolution

Add a second SSL certificate to your Application Load Balancer

1. Create a .ebextensions folder in the root directory of the source bundle.

2. In the .ebextensions folder, create a .config file based on the following:

option_settings:
  aws:elbv2:listener:443:
    Protocol: HTTPS
    SSLCertificateArns: "cert-arn-1"
Resources:
  AddingSSLCert2:
    Type: "AWS::ElasticLoadBalancingV2::ListenerCertificate"
    Properties:
      ListenerArn:
        Ref : "AWSEBV2LoadBalancerListener443"
      Certificates:
        - CertificateArn: "cert-arn-2"

Note: In the preceding code example, replace cert-arn1 and cert-arn2 with your certificate's Amazon Resource Names (ARNs).

To add additional certificates, add a new ListenerCertificate resource. For example:

option_settings:
  aws:elbv2:listener:443:
    Protocol: HTTPS
    SSLCertificateArns: "cert-arn-1"
Resources:
  AddingSSLCert2:
    Type: "AWS::ElasticLoadBalancingV2::ListenerCertificate"
    Properties:
      ListenerArn:
        Ref : "AWSEBV2LoadBalancerListener443"
      Certificates:
        - CertificateArn: "cert-arn-2"
  AddingSSLCert3:
    Type: "AWS::ElasticLoadBalancingV2::ListenerCertificate"
    Properties:
      ListenerArn:
        Ref : "AWSEBV2LoadBalancerListener443"
      Certificates:
        - CertificateArn: "cert-arn-3"

Note: In the preceding code example, replace cert-arn1, cert-arn-2, and cert-arn3 with your certificates ARNs.

The option_settings section creates the HTTPS listener on port 443 and attaches a certificate to this listener. If you created the HTTPS listener from the console, then you can remove the option_settings section from the .config file. The Resources section creates another resource that attaches an additional certificate to the listener.

3. Apply the .ebextensions updates to your application bundle.

4. Deploy your application again.

Your application updates the existing Application Load Balancer without replacing it.

Important: The additional certificate doesn't appear in the Elastic Beanstalk console. To verify that your certificate is added to the Application Load Balancer, complete the steps in the Verify that your SSL certificates are added to the Application Load Balancer listener 443 section.

Verify that your SSL certificates are added to the Application Load Balancer listener 443

1. Open the Amazon Elastic Compute Cloud (Amazon EC2) console.

2. From the navigation pane, choose Load Balancers.

3. Choose the Listeners tab.

4. For listener 443, choose View/edit certificates.

You should see two certificates associated with listener 443.

Themen

Berechnen

Relevanter Inhalt

Wie kann ich meiner Lightsail-Instance einen Application Load Balancer zuordnen?
AWS OFFICIALAktualisiert vor einem Jahr
Wie behebe ich HTTP 502-Unzulässigkeitsfehler von Application Load Balancer?
AWS OFFICIALAktualisiert vor einem Jahr
Ich benötige eine statische IP-Adresse für meinen Application Load Balancer. Wie kann ich einen Application Load Balancer hinter einem Network Load Balancer registrieren?
AWS OFFICIALAktualisiert vor 7 Monaten
Wie migriere ich von Classic Load Balancer zu Application Load Balancer oder Network Load Balancer?
AWS OFFICIALAktualisiert vor 4 Monaten