HTTPS Certificate for compute-1.amazonaws.com

0

Hi all, I'm new on AWS stuffs, I have a EC2 machine running with Elastic IP, that give me the address https://ec2-xx-xx-xx-xx.compute-1.amazonaws.com. When I set up the server I used a self signed certificate. The issue is when I open the web interface it is complaining about the invalid certificate, that is correct as I self signed the certificate to https://ec2-xx-xx-xx-xx.compute-1.amazonaws.com. How do I get a signed certificate to run on amazonaws.com domain? I don't have my own domain but for my use case I can use the domain generated by the Elastic IP. Is it possible to do what I'm planning for? How to the the signed certificate? Thank you in advance for any hints.

Justen
asked 2 months ago156 views
2 Answers
1

As Steve_M mentioned, you cannot get a certificate for amazonaws.com domain as you do not own it. There are a few options.

You can purchase a new domain from external providers or from Amazon Route 53. After which, create DNS record that resolves to your EC2 IP, obtain a SSl/TLS cert and install on your EC2. You can either purchase a certificate or use tools such as certbot to obtain a free SSL cert.

Alternatively, you can use Amazon CloudFront to front your EC2 instance. It will create a new http/https distribution with name in the form of https://[cloudfront-distribution-id].cloudfront.net. As you have a self-signed cert on your EC2, configure your CloudFront origin policy to http only.

AWS
EXPERT
Mike_L
answered 2 months ago
0

How do I get a signed certificate to run on amazonaws.com domain?

You can't. This is something that pretty much everybody comes across when we start out on AWS, and get our first webserver running on EC2.

You can only generate certs for domains that you own, and (stating the obvious) you don't own amazonaws.com - Amazon does. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#ssl_prereq

To use your EC2 instance to host a public website, you need to register a domain name for your web server

profile picture
EXPERT
Steve_M
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions