问题
From now on, my application needs a secure connection (HTTPS). I verify that most of tutorials for adding secure connections (https) on Amazon Web Services Elastic Beanstalk uses the Elastic Load Balancer as a tunnel.
In my case I'm running a single instance, in fact I don't need a Load Balancer. How can I add a secure connection to my instance without a Elastic Load Balancer? Is that possible?
I am using 64bit Amazon Linux 2017.03 v2.4.4 running PHP 7.0 Elastic Beanstalk.
回答1:
That is definitely possible. Here is an example from AWS using Apache.
The basic steps are:
- Enable SSL on the server
- Get a certificate authority (CA) signed certificate. For testing purposes you can create a self signed cert. Here is an example of how to do that using openssl.
回答2:
Edit
You can also use CloudFront for this. This will also allow you to use certification from Certification Manager. Just remember to create them in N-Virginia region.
WARNING
The data between CloudFront and Elastic Beanstalk is still going to be exchanged over http as your container doesn't support https.
You also need to change the following settings:
Under Allowed HTTP Methods you need to selected at least
GET, HEAD, OPTIONS, but most likely you'll want also POST/PUTYou don't want CloudFront to cache your results, so you'll need to set the
Cache Policyto Managed-CachingDisabledYou also want your all the request's headers, cookies & query strings to be passed on to the
Origini.e. yourElastic BeanStalk Container. To do so you need to set theOrigin Request Policyto Managed-AllViewer
回答3:
https can be configured without a load balancer using a proxy server which is your case (php with Amazon Linux 2+) should be nginx. I have created a gist for configuring https in EBS and it fits in Free Tier 🎉🎉🎉 but for java. You can see more examples here but first find what proxy server you are using(apache or nginx) as the configuration varies accordingly. For more info see Reverse proxy configuration
来源:https://stackoverflow.com/questions/46308909/is-possible-to-use-amazon-elastic-beanstalk-with-ssl-https-without-a-load-bala