I want to install SSL certificates in an Elastic Beanstalk environment, but I can't find a way to do it, neither uploading through the aws cli, nor adding files to the project.
I've read tutorials from namecheap* (where I purchased the certificate) and from Comodo (the guys who issue the certificate), but I still could not understand what to do. Both mention files that I could not identify. Please, I'd appreciate if you could shed a light in here: how to set up these SSL certificates?
I received 3 files:
My application is in AWS EB and it is a web app in node.js and express.js.
References (confusing tutorials):
* https://comodosslstore.com/resources/how-to-install-ssl-certificate-on-aws-ec2-instance/
AWS offers free SSL certs that automatically renew through its Certificate Manager which are much easier to apply to your Elastic Beanstalk setup.
In either case, if you are using a Load Balancer, then that is where you need to apply your SSL cert. Go to Configuration -> Load Balancer. Make sure you have a port on 443 with the HTTPS protocol. And then you can add your SSL cert. If you are using certs from Certificate Manager, then you just select your cert and you're done. If you are using your own certs, then it will instruct you which ones to paste in to the form. It can be a little bit confusing, and at one point Elastic Beanstalk had a bug where it would tell you there was an error uploading your cert, but if you exited, it had actually uploaded successfully. Not sure if that has been fixed.
I suggest trying to get a refund from Comodo and using the free certs through SSL, or just cut your losses in the interest of ease, and use the free cert, just remembering to turn off any auto-renew with Comodo.
Thank you, @littleforest. I tried it many times today using different strategies from different sources, but I still could not get my "https:" to work.
I uploaded a certificate from Comodo and it was actually validated and seams to be ready to user. Also, I have requested an AWS certicate through the ACM, but it's been pending validation since this morning (4 hours ago).
Anyway, the certificate from Comodo was issued. I have applied that to my 443 port in my classic load balancer. But still, it does not work.
For the cert through ACM, did you set up the correct CNAME at your DNS provider for validating the domain?
I did. I believe I copied and pasted the right names in the right places, but it didn't work. So, I decided to try the "import certificate" button and it was kind of simple to use. I did use the support from namecheap to generate ".pem" files from the weird files that Codomo sent me, but it worked out fine. Having the certifiates in place was just one part of the problem though. I needed to configure my single instance EB to use port 443. I tried hard and read a lot, but I still don't know how to do that. I ended up switching to use load balancer and then it was dead simple to configure.