发表新帖
发表新帖

Setup an SSL certificate on an EC2 instance

后端 未结
关注
3 924
一生所求
一生所求 2021-01-31 19:16

I\'m having hard time trying to setup an SSL certificate (it\'s a Comodo PositiveSSL purshased from NameCheap) on my EC2 micro instance (I\'m using Amazon Linux AMI 2012.3, whic

相关标签:
3条回答
  • 挽巷
    2021-01-31 19:55

    Sometimes this section

    <VirtualHost _default_:443>

    prevents your real SSL certificate from being used. If this is the case either comment VirtualHost default or move the SSLCertificate* attributes to it, ie.

    <VirtualHost _default_:443>
  SSLCertificateKeyFile /etc/ssl/mydomain_com.key
  SSLCertificateFile /etc/ssl/mydomain_com.crt
  SSLCertificateChainFile /etc/ssl/mydomain_com.ca-bundle
</VirtualHost>

    Make sure you restart apache after that.

    0 讨论(0)
  • 暖寄归人
    2021-01-31 20:03

    Amazon now provide a certificate manager! (for free)

    If you use Elastic Beanstalk this is the new way to do: It's free, You avoids errors due to the configuration and it's a better choice on a performance point of vue:

    Because ELB supports SSL offload, deploying a certificate to a load balancer (rather than to the EC2 instances behind it) will reduce the amount of encryption and decryption work that the instances need to handle.

    from the doc:

    The new AWS Certificate Manager (ACM) is designed to simplify and automate many of the tasks traditionally associated with management of SSL/TLS certificates. ACM takes care of the complexity surrounding the provisioning, deployment, and renewal of digital certificates! Certificates provided by ACM are verified by Amazon’s certificate authority (CA), Amazon Trust Services (ATS).

    Even better, you can do all of this at no extra cost. SSL/TLS certificates provisioned through AWS Certificate Manager are free!

    ACM will allow you to start using SSL in a matter of minutes. After your request a certificate, you can deploy it to your Elastic Load Balancers and your Amazon CloudFront distributions with a couple of clicks. After that, ACM can take care of the periodic renewals without any action on your part.

    the doc:

    https://aws.amazon.com/fr/blogs/aws/new-aws-certificate-manager-deploy-ssltls-based-apps-on-aws/

    0 讨论(0)
  • 轻奢々
    2021-01-31 20:12

    Looking at your list, it happens that you forget to enable your configuration with your Virtual host.

    sudo a2enmod ssl
sudo a2ensite default-ssl
sudo /etc/init.d/apache2 restart

    There is a complete guide on how to install an SSL certificate on your EC2 here https://medium.com/@adnanxteam/how-to-add-ssl-certificate-to-laravel-on-ec2-aws-18104cc036d1

    0 讨论(0)
 看不清?
提交回复
热议问题