I'm doing some PoC stuff around API Gateway, and I can't access the URL that API Gateway gives me after deploying the endpoint. I have a VPC endpoint set up with Private DNS turned on. I can access the API Gateway if I use one of the VPCE DNS names and set the Host header to the hostname of the provided API Gateway URL. But if I log into an instance in the same subnet and try to curl the URL that API Gateway gives me, I just get this:
$ curl -ivk https://{apiId}.execute-api.us-east-1.amazonaws.com/test
* About to connect() to {apiId}.execute-api.us-east-1.amazonaws.com port 443 (#0)
* Trying {ip}... connected
* Connected to {apiId}.execute-api.us-east-1.amazonaws.com ({ip}) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* NSS error -5961
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error
What am I missing?