Wildcard SSL on Lightsail Load Balancer

Submitted by 末鹿安然 on 2021-01-28 12:10:49

Question


I've reviewed the Lightsail load balancer and, unlike ACM, you cannot add wildcard SSLs.

For example, on ACM this can be done:

example.com
*.example

And then attached to an EC2 load balancer.

But for Lightsail, the wildcard is not accepted. When we issue only on the apex domain to the load balancer:

example.com

When we resolve demo.example.com, we get a cert invalid error.

As we don't know ahead of time the sub-domains in use, and the limit of 9 is too few, is there a workaround?


Answer 1:


I came up with a solution but I can't say for sure it is the only one.

TL;DR - Use an EC2 Load Balancer and add its target as your Lightsail instance. To this load balancer attach a standard ACM certificate. Don't use the Lightsail load balancer at all.

Outline Steps

  1. Launch a load balancer in EC2 and attach your Lightsail instance as a target (remember to use the private IP of your Lightsail instance and check your security settings, zone and region prior to setup)
  2. Open ACM and provision your certificate. To protect your entire domain, you will require two entries on this cert i.e. example.com and *.example.com
  3. Validate the certificate (DNS etc) and attach it to the load balancer in EC2.


Source: https://stackoverflow.com/questions/56465773/wildcard-ssl-on-lightsail-load-balancer
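
Why the apex-only certificate in the question fails for demo.example.com, and why the answer's certificate carries both example.com and *.example.com: an added example, not part of the original question or answer, that applies the standard TLS wildcard rule (a wildcard stands for exactly one left-most label) to constructed SAN lists. The function names are hypothetical, and public-suffix checks that real clients also perform are left out.

```python
"""Added example: which hostnames a certificate's DNS SAN entries cover."""


def san_matches(pattern: str, hostname: str) -> bool:
    """Return True if a single dNSName SAN entry covers hostname."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    # A wildcard replaces exactly one label, so label counts must be equal.
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # Only a whole left-most label may be a wildcard, it must sit on at
        # least two further labels, and it never matches an empty label.
        return (
            len(p_labels) > 2
            and h_labels[0] != ""
            and "*" not in p_labels[1:]
            and p_labels[1:] == h_labels[1:]
        )
    # Partial wildcards such as "d*.example.com" are rejected (simplification).
    return "*" not in pattern and p_labels == h_labels


def covered(sans, hostname):
    """True if any SAN entry on the certificate covers hostname."""
    return any(san_matches(s, hostname) for s in sans)


def coverage_report(sans, hostnames):
    """Map each hostname to whether the certificate would validate for it."""
    return {h: covered(sans, h) for h in hostnames}


# Constructed sample data built from the names used on this page.
APEX_ONLY = ["example.com"]                       # the Lightsail attempt
APEX_AND_WILDCARD = ["example.com", "*.example.com"]  # the ACM certificate
HOSTS = ["example.com", "demo.example.com", "a.demo.example.com"]

if __name__ == "__main__":
    for label, sans in (("apex only", APEX_ONLY),
                        ("apex + wildcard", APEX_AND_WILDCARD)):
        print(label)
        for host, ok in coverage_report(sans, HOSTS).items():
            print(f"  {host:22} {'covered' if ok else 'NOT covered'}")
```

The last host shows the remaining gap: a single wildcard entry does not extend to names two levels below the apex.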
