I bought a godaddy domain and managed to map it to the lightsail ip address.
I used "let's encrypt" certbot to issued a license to that domain name. Successful.("Congratulations! You have successfully enabled https://jacky2020.com")
http works, https still doesn't.
Tutorials on Amazon website does not seem to work on the basic account($5/month)
Have you opened up port 443 / https in the Lightsail firewall for that instance?
Related
I have purchased ngrok pro plan to use whitelabeled domains through cloudflare. But having trouble configuring end to end SSL encryption.
React app is running on localhost (http://localhost:3000).
created a domain (app.example.com) in ngrok.
added CNAME record for xxx.ngrok.io url in cloudflare for app.example.com.
SSL is enabled in cloudflare
https://app.example.com gives HTTP 520 error on cloudflare
cloudflare has universal certificate on *.example.com domain.
Is there anyway i can have https://app.example.com resolves to https://localhost:3000 through ngrok?
Here is one way, assuming you are fine with having Cloudflare only act as DNS:
Configure ngrok to serve the correct TLS certificate. In ngrok for your domain app.example.com, select the "Automated TLS certificates" option, which means ngrok will provision one for you.
In Cloudflare, "grey cloud the DNS record" so that traffic is no longer proxied through Cloudflare before it is proxied through ngrok. Now it will only be proxied through ngrok before being forwarded to your local server.
Start your ngrok tunnel. Assuming your local server is not configured to terminate TLS, you can run something like ngrok http --bind-tls=true --hostname=app.example.com 3000 to start a HTTPS only tunnel endpoint.
I was looking ngrok tunnel solution proposed and I also found a way you can do an Argo Tunnel through cloudflare directly. This can be another approach to the problem. https://developers.cloudflare.com/cloudflare-one/tutorials/share-new-site
I didn't answer your question. I just want to share, that we can make localhost on our computer accessible through our own domain using cloudflare tunneling.
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide/
I am working with Load Balancing to have https to my static website and I have my domain in GoDaddy
I created a LoadBalancer with
Backend configuration: To my Cloud storage buckets & enabled CDN.
Frontend configuration: Https having static IP I have enabled
Google-managed SSL certificate with my domain example.com which is in GoDaddy.
Do I need to do any configuration in GoDaddy like pointing, After 10-20 min I get FAILED_NOT_VISIBLE in domain status
I am new and don't know how to link.
In google docs I can see DNS records for your domain must reference the IP address of your load balancer's target proxy, Can someone help me to understand.
https://cloud.google.com/load-balancing/docs/ssl-certificates?hl=en_US&_ga=2.190405227.-1195839345.1570257391#certificate-resource-status
Finally I fixed it, We need to point the Static IP to DNS in my case I have in GoDaddy, It took some time to point DNS and then it took time for my Google-managed SSL certificate to turn green.
Once it's done I hade an issue with err_ssl_version_or_cipher_mismatch for this we need to add Policy to tell LB to use TLS 1.2 but in my case it automatically resolved in 10 min.
We can Point DNS in two ways one by directly adding Static IP to A record in GoDaddy other is by creating a Cloud DNS in GCP and point Nameserver in Godaddy.
We must establish a link to confirm our DNS with Static IP of LB so that the SSL turns Green after confirming Domain status.
Scenario: I have an EC2 instance which hosts the api's.
I am using elastic ip for ec2 instance.
This is the url where I can access to my apis.
ec2-xx-xxx-xx-xxx.us-east-2.compute.amazonaws.com
I want to add ssl to this url
please guide how to add ssl to my ec2 instance
You can't have ssl certificates for *.amazonaws.com, you need to have custom domain and for that domain you can have ssl certificate, basically for getting ssl certificates you need to have DNS control of that domain or your one of the emails should be listed in WHOIS lookup, both not possible for amazonaws.com
We have the ssl certs from symantec and have added them to the LB in aws which is currently holding one ec2 instance. We are also using route53 for dns. https://domain.com isn't working, port 80 is ok. I've verified my security groups are allowing 443 for ec2 and lb.
I've been using www.wormly.com to test SSL and notice that the domain.com fails but the FQDN of the load balancer passes "green" for the certs but not the domain.com...
Does the csr need to use the FQDN of the aws load balancer?
There were residual dns records that had to be updated on godaddy unbeknownst to me due to my not having initially purchased the domain.
I am using an Amazon EC2 instance with Ubuntu 14.04 and running an apache2 webserver. I bought my domain with godaddy and migrated the nameservers to cloudflare. Since cloudflare offers free SSL, I have that enabled. I have never built a website to use SSL only and I know this is possible because many websites are SSL by default. So my question is how to have visitors use SSL only site-wide?
Thanks
You can do this via PageRules in CloudFlare.