Trying to configure an external SSL certificate for EC2 load balancer
Hi all,
I am trying to add a ZeroSSL certificate to an AWS Load Balancer for a site hosting on an EC2 instance, but more than a week later, both my domain and the IP are not showing a secure connection in the browser.
This is what Chrome says when going to the EIP connected to the instance:
On the domain, it says "This site can’t provide a secure connection".
The website consists a React.js app, hosted by an Nginx static server on port 80, using a Docker container.
The Load Balancer type I choose is an Application LB, and the scheme is internet-facing. Here is a screenshot of the resource map:
And the security group opens port 80 and 443 to all:
Any help would be much appreciated. Thanks so much!
- 최신
- 최다 투표
- 가장 많은 댓글
Hi @matangbr,
I assume that you have your reasons for using ZeroSSL certificates.
The response from Chrome on connecting to the EIP is expected and correct as the certificate is issued for the domain and not for the IP address. No surprises there.
You might be getting an insecure connection error on the domain because the certificate you imported is invalid or corrupt. I recommend re-importing the certificate on the ALB and it should resolve the issue.
You are not using best practices in configuring security groups. While too many security groups might create performance issues, having just one security group open to all is a very insecure practice. Consider creating a separate security group for SSH and lock it down as much as possible.
Hope this helps.
Why don’t you use an AWS certificate as they are free?
Are you connecting to the ALB as your security group rules allow port 22 with I presume would be for the EC2. That too is bad in its own.
You also mention your connecting via IP. If that’s the EC2 IP then your not using the ALB.
Can you confirm your connecting to the alb and what DNS name?
관련 콘텐츠
AWS 공식업데이트됨 일 년 전
