Connecting AWS ELB to EC2 with SSL


An ELB (load balancer) distributes incoming requests across targets, and AWS also lets you enable SSL on the ELB so that it can serve HTTPS.

This makes it possible to offer HTTPS for Apache on EC2. To be precise, HTTPS is used only up to the ELB; traffic between the ELB and EC2 is plain HTTP.

Prerequisites

  • You already have your own domain in Route53
  • An ACM certificate for *.domain.co.uk has already been created in Northern Virginia
  • The VPC and EC2 instance have already been created
  • Apache is already installed on EC2

Before adding listeners to the load balancer created in "https://confrage.jp/en/connect-to-aws-ec2-via-elb-alb/", first open port 443 in the load balancer's security group.

Open port 80 as well for the time being.

This is so that you can still see the Apache Welcome page when you access it via "http://elb.xxx.co.uk/".

If you do not want to expose an HTTP entry point, you can remove port 80.

Next, to enable SSL on port 443 of the load balancer, you need an ACM certificate in the same region as the ELB.

Since the EC2 instance is located in Ohio, the ACM certificate is also created in Ohio.

The domain name of the certificate should be “elb.xxx.co.uk”.

Perform DNS validation and verify that the CNAME record has been added in Route53.

After confirming that the certificate status is "Issued", finally add a listener.

Configure target group settings.

The target group specifies which port on the EC2 instance is used for traffic between the ELB and EC2. Here, port 80 is used.

Change CloudFront settings

Change the settings made in "https://confrage.jp/en/connect-to-aws-ec2-via-elb-alb/".


This completes the setup.

You can confirm that the Apache Welcome page on EC2 is accessible via both http://elb.xxx.co.uk/ and https://elb.xxx.co.uk/.
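The following audit is an added example, not part of the original article. It checks a configuration like the one built above for the three TLS-related choices the walkthrough makes: the certificate region must match the ELB region, port 80 is optionally left open, and the ELB-to-EC2 hop is plain HTTP. The account ID, ARNs, security group ID and 0.0.0.0/0 source range are constructed placeholders; the field names follow the output of `aws elbv2 describe-listeners`, `aws elbv2 describe-target-groups` and `aws ec2 describe-security-groups`.

```python
import json

# Constructed sample configuration (placeholder account ID, ARNs and CIDRs, not
# values from the article), using AWS CLI describe-* field names.
SAMPLE = json.loads("""
{"Listeners": [
   {"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-2:111122223333:loadbalancer/app/example/0",
    "Port": 443, "Protocol": "HTTPS",
    "Certificates": [{"CertificateArn": "arn:aws:acm:us-east-2:111122223333:certificate/example"}]},
   {"LoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-2:111122223333:loadbalancer/app/example/0",
    "Port": 80, "Protocol": "HTTP"}],
 "TargetGroups": [{"Protocol": "HTTP", "Port": 80}],
 "SecurityGroups": [{"GroupId": "sg-example", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
   {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]}
""")


def arn_region(arn):
    """The region is the fourth colon-separated field of an ARN."""
    return arn.split(":")[3]


def audit(cfg):
    """Return findings for the TLS-related choices made in the walkthrough."""
    findings = []
    for lst in cfg["Listeners"]:
        if lst["Protocol"] == "HTTPS":
            # The certificate must live in the same region as the load balancer.
            lb_region = arn_region(lst["LoadBalancerArn"])
            for cert in lst.get("Certificates", []):
                if arn_region(cert["CertificateArn"]) != lb_region:
                    findings.append(f"cert-region-mismatch:{lst['Port']}")
        elif lst["Protocol"] == "HTTP":
            findings.append(f"plaintext-listener:{lst['Port']}")
    for tg in cfg["TargetGroups"]:
        if tg["Protocol"] == "HTTP":  # ELB-to-EC2 hop is unencrypted
            findings.append(f"plaintext-backend:{tg['Port']}")
    for sg in cfg["SecurityGroups"]:
        for perm in sg["IpPermissions"]:
            world = any(r["CidrIp"] == "0.0.0.0/0" for r in perm.get("IpRanges", []))
            all_ports = perm["IpProtocol"] == "-1"  # "-1" means every protocol and port
            if world and (all_ports or perm["FromPort"] <= 80 <= perm["ToPort"]):
                findings.append(f"public-http-ingress:{sg['GroupId']}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Removing the port 80 listener and its security group rule leaves only the `plaintext-backend` finding, which reflects the HTTP hop between the ELB and EC2 that this setup keeps.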

Reference Site

Communicating between CloudFront and ELB over SSL | DevelopersIO
