I have an ec2 instance in amazon ec2. In that i have php files and mysql database. I am connecting my database using ec2 by following
http://18.37.220.172/phpInsert.php. But i feel insecure. So i want to change into secure site.
Like this https://18.37.220.172/phpInsert.php
I have installed letsencrypt ssl certificate in ec2 instance. but http is not changed into https.
How can i enable ssl in ec2 instance. i dont have any domain name.
so i want to convert my ip address https://18.37.220.172. Is it possible.
What i have to do ?
letsencrypt does not support generating certificates without a domain name: https://community.letsencrypt.org/t/certificate-for-public-ip-without-domain-name/6082
It is possible to purchase certificates for IP addresses, but not from Let’s Encrypt. Let’s Encrypt may offer IP address certificates in the future, but as of September 2018 we do not.
Related
I bought SSL certificate from cloudflare. Now I need to activate https on my ec2 instance where I have MEAN stack application running with nginx.Also I've added cloudflare nameservers to my godaddy dns.The problem is that cloudflare didn't send me any certificates or keys, which I can attach to my nginx configs. Please tell me what is my next steps.Thanks for attention and for help.
SSL from cloudflare will terminate at Cloudflare itself. Either you can send http request from cloudflare to your ec2, or you can setup a selfsigned certificate on your ec2 and pin it at cloudflare or install letsencrypt on your ec2 for ssl.
Enduser -HTTPS-> cloudflare -HTTP-> your ec2
I'm trying to have https for a website which is hosted in AWS EC2. I have followed the steps mention in the following link.
https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04
But still its showing the privacy thing to all user who are visiting the website. How can make the certificate as trusted or how long it will take Amazon to make it a trusted one.
Please help me to solve this. I'm stuck with this for last 2 days. Answers will be appreciated and Thank you.
You can use AWS Certificate Manager to issue free SSL certificate signed by AWS Certificate Authority. However for this to work, you need to use a Load Balancer and attach the certificate to the Load Balancer which will forward the traffic to the EC2 instance.
Depending on your requirements you may wish to use SSL termination on an Elastic Load Balancer (ELB) instead.
This involves creating a free AWS certificate and an ELB. Attach both your instance the certificate to the ELB with HTTPS forwarded to port 80 on your instance.
Then just point your DNS name to the ELB. If you're using Route53 then you can just use an A-record alias.
Edit: If you want to automatically direct HTTP to HTTPS you'll need to check the X-Forwarded-Proto header in Apache's .htaccess file. More information here.
The certificate which you are using is a "Self Signed Certificate (https://en.wikipedia.org/wiki/Self-signed_certificate)".
In order to get rid of insecure certificate or privacy issues on HTTPS, you need to get your CSR signed from a trusted CA like Comodo, Godaddy etc.
Ref -
https://in.godaddy.com/help/apache-generate-csr-certificate-signing-request-5269
https://help.comodo.com/topic-437-1-843-10843-.html
OR
In case you want free verified SSL certificates, "letsencrypt" is the way to go.
https://letsencrypt.org/
You don't need to pay anyone for a certificate. Just use LetsEncrypt and their CertBot ACME client. The CertBot automates the task of issuing and renewing certificates.
LetsEncrypt is the leading free SSL certificate authority (CA) and their certs are as good as any paid cert.
i want to transfer my GoDaddy website hosting to EC2 apache. But i do have a confusion that how do i transfer SSL certificates from GoDaddy to EC2 apache.
Do i need to export certificates from GoDaddy?
How to i install those certificates on apache, including priavte key?
Thanks,
Saqib
There is no such thing as transfer SSL certificates when it comes to Apache.
You need to configure Apache server with SSL.
You can refer to the below blog post on how to do so:
https://www.digicert.com/ssl-certificate-installation-apache.htm
If i understood well, a standard SSL certificat is only for 1 server.
I have an EC2 instance, with an SSL certificate.
If i modify this instance, to change from a type of instance to another for example, i think amazon will take a snapshot and restore this snapshot on the new instance automatically.
My question is : in this case, does the ssl certificate still correct ?
thanks in advance for your replies
Frederic
Ssl certificate has been issued to the domain name(or IP address).
So, if your domain name(or IP address) has not change, the ssl certificate can continue to use.
I am attempting to get my domain (assetfarm.com.au) to use SSL. I have created a certificate and uploaded it to IAM. I associated it with my ElasticBeanstalk configuration.
I am also attempting to use Route 53 for my domain. Here are my current settings:
I'm using a self-signed certificate just to check that the issue wasn't with the certificate GoDaddy generated. Despite following the instructions on Amazon step-by-step, I am still unable to visit https://www.assetfarm.com.au or https://assetfarm.com.au. I can't even visit https with the elastic beanstalk or load balancer URL.
Please check your ELB Security Group for Port 443.
For some new AWS accounts, you may need to open Port 443 manually.