How to add Amazon issued SSL Certificate to tomcat? - amazon-ec2

How can I secure my site from http://my_site to https://my_site
I am running Apache Tomcat and I have the AWS Certificate and Elastic Load Balancer having my EC2 instance.

Essentially you cannot add Amazon issued certificates to Tomcat: you cannot retrieve the private key of the certificate.
However, you can deploy the certificate on ELB (elastic load balancer).
You have to ensure that ELB is listening on port 443.
You will find step by step instructions on AWS documentation (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html#create-https-lb-clt).

Apparently you can download your private certificate's keys now - https://docs.aws.amazon.com/acm/latest/userguide/export-private.html

Related

How to set up ssl certificate on apache server that is running on aws ec2 Windows server instance?

I have already set up a DNS record to point my domain to the ec2 instance IP. Next, I don't know how to configure an ssl certificate on Apache that is running on a Windows server. I already have ssl certificate details.
Check out conf/httpd.conf in Apache; that is where you need to edit and add SSL. Check out this link, but now you can use a Let's Encrypt certificate or any other instead of the one in the link. Or you can use any other; the process is the same: https://www.entrust.com/knowledgebase/ssl/how-to-configure-an-entrust-ssl-certificate-on-apache-for-windows

Configuring HTTPS for Elastic Beanstalk environment

I deployed one web application to EB. I used Route 53 to redirect two domains to my application. On EB environment, it seems it only allows me to add one certificate to port 443 for my load balancer. Let's say my users only use my domain names to access my web application. How should I go about creating and adding SSL certificate(s) to secure the connections from those two domains to my application.
Yes, you can add. In the EB console, you can add only 1 SSL cert. To add other ones, you have to do it directly in the EC2 console on your load balancer.
The load balancer used by your EB env supports multiple certificates. So you can add extra SSL certificates to your HTTPS listener.
Helpful information is below:
How do I add multiple SSL certificates to the Application Load Balancer in my Elastic Beanstalk environment?
How can I add certificates for multiple domains to an ELB using AWS Certificate Manager?
Application Load Balancers Now Support Multiple TLS Certificates With Smart Selection Using SNI
Elastic Beanstalk Add more than one ssl certificate
Alternatively, you can register multiple domains under one certificate.
In the EC2 console, you have an option (marked below) to modify the SSL certificates for your HTTPS listener:

Service Fabric Kestrel 3.1 Https certificate through load balancer

Using Fabric 2 stateless services with Kestrel 3.1
Have a problem exposing an HTTPS endpoint. A primary certificate is defined on the cluster (Security section). This certificate (primary) is accessible to the nodes (i.e. via X509Store find operations on the thumbprint or subject) automatically by Service Fabric. When configuring Kestrel for a particular endpoint the certificate is used by the UseHttps method on any IPv6 address (i.e. Ipv6Any). In the Application Manifest the access to the certificate's private key is granted (see article) with an endpoint policy. Here is example code on gist. The cluster's load balancer exposes the 443 HTTPS endpoint via the 8443 port (similar to the setup in this tutorial).
Despite the above configuration, when navigating to the application the response is that the web page is either down or has been moved, plus an ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY error.
The service according to the logging sent to Insights starts fine using the primary certificate:
Hosting environment: Production
...
Now listening on: https://[::]:443
Anybody else get a similar setup working?
Turns out I had set the protocol to HTTP2 rather than HTTP1.

how to add a godaddy ssl certificate to a site hosted on aws ec2

how to add a godaddy ssl certificate to a site hosted on aws ec2 (linux - apache) with domain purchased on bigrock and A-record pointing from the bigrock console to the Elastic IP of the EC2-instance
You can include the PEM encoded SSL certificate (if the certificate is in a different encoding, you can convert it to PEM encoded format) from Godaddy to the AWS Load Balancer. If you don't use a Load Balancer, you can install the SSL certificate to the Apache Server (you can download the certificate for Apache format from Godaddy) running in the EC2 instance.

SSL certificate to convert from http to https (Tableau Server on AWS)

I am hosting Tableau Server on Amazon Web Services (AWS) EC2. My domain name is ec2-xx-xx-xxx-xx.xx-xxxx-x.xxxxxxx.amazonaws.com. I would like to convert http to https, so I want to get a SSL certificate. When I asked a certificate authority (CA), they told me that my domain includes "amazonaws.com", so I couldn't get a SSL certificate. I then tried to get a SSL certificate from AWS, I received an error message.
This was due to the fact that I couldn't request a certificate for Amazon-owned domain name ending in "amazonaws.com".
Does anyone know how to deal with this issue?
Sincerely,
Kazumi
Looks like you need to understand the basics of the process of purchasing a domain name, assigning an IP address to the domain name, purchasing an SSL certificate etc.
Below steps are the easiest and the cheapest way to make your endpoint be served by SSL on AWS infrastructure:
1. Purchase a domain name, e.g. knozawa.com, from AWS Route 53.
2. Create a new SSL certificate free of cost using AWS Certificate Manager (ACM).
3. Add your EC2 instance which hosts the Tableau server behind an ELB. The ELB should be configured to accept traffic over port 443 only. Select the certificate created using ACM to serve for SSL traffic over port 443.
4. Go to Route 53, and create a hosted zone entry like tableau.knozawa.com and add the ELB alias to the entry.
And you are done! You can now access your Tableau installation on your own domain name, serving traffic over SSL on the link https://tableau.knozawa.com
This will probably cost you an additional USD 12.00/year for the domain name, $10-$20 per month for ELB based on traffic.
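The steps in the answer above, written out as a CloudFormation template. This is an added example, not part of the original answer: it assumes an Application Load Balancer, a Tableau backend listening on plain HTTP port 80, a Route 53 hosted zone for the domain in the same account, and a pre-existing security group for the load balancer that admits inbound 443 only. All parameter names are illustrative.

```yaml
# Added example: ACM certificate + HTTPS-only ALB + Route 53 alias (assumptions in the lead-in).
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  HostedZoneId: {Type: "AWS::Route53::HostedZone::Id"}   # zone for knozawa.com
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  SubnetIds: {Type: "List<AWS::EC2::Subnet::Id>"}        # at least two AZs
  InstanceId: {Type: "AWS::EC2::Instance::Id"}           # EC2 host running Tableau
  LbSecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}  # inbound 443 only
Resources:
  Certificate:            # step 2: ACM certificate, validated via a DNS record
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: tableau.knozawa.com
      ValidationMethod: DNS
      DomainValidationOptions:
        - DomainName: tableau.knozawa.com
          HostedZoneId: !Ref HostedZoneId
  LoadBalancer:           # step 3: load balancer in front of the instance
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Type: application
      Subnets: !Ref SubnetIds
      SecurityGroups: [!Ref LbSecurityGroupId]
  TargetGroup:            # TLS ends at the ALB; backend port 80 is an assumption
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP
      Port: 80
      Targets: [{Id: !Ref InstanceId}]
  HttpsListener:          # the only listener: HTTPS on 443 with the ACM certificate
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer
      Port: 443
      Protocol: HTTPS
      Certificates: [{CertificateArn: !Ref Certificate}]
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref TargetGroup
  DnsAlias:               # step 4: alias record pointing the hostname at the ALB
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref HostedZoneId
      Name: tableau.knozawa.com
      Type: A
      AliasTarget:
        DNSName: !GetAtt LoadBalancer.DNSName
        HostedZoneId: !GetAtt LoadBalancer.CanonicalHostedZoneID
```

Because the private key stays inside ACM and the load balancer, the instance's own security group should accept port 80 only from the load balancer's security group, so the unencrypted hop is not reachable from the internet.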
