So long as your self-signed cert is installed on Tomcat and you connect to your ALB via HTTPS then this will work.
If you have your own CA SSL cert imported into ACM and applied to the ALB, the subject of the cert needs to match the DNS name of the requests.
Route53/DNS makes no difference to which certificate you use.
How and where were you seeing your connection private error? To me it sounds like you're going direct to the EC2 rather than via the ALB when you see this error.
I am using an ALB. Here is the thing, the CA provider support folks are saying "www.mydomain.com" on which the certificate is issued, does not match the ALB DNS "https://mydomaincloudlb-XXXXXXX.us-east-1.elb.amazonaws.com/mydomain/blah" so the TLS handshake isn't happening. While I am trying to tell them the CNAME mapping for this DNS maps to "www.mydomain.com".
You should never be using "https://mydomaincloudlb-XXXXXXX.us-east-1.elb.amazonaws.com/mydomain/blah" to access your site except for debugging. You will always have the cert error here.
You should only be using "www.mydomain.com" to access your ALB, which will match your cert.
Thanks Gary. I am hitting the ELB for sure, and the ELB has CNAME entries in my provider as I mentioned earlier. There is a "Not Secure" alert right by the protocol window on the browser, and the warning when I go to the URL is "Your connection to this site is not secure", and I have to click the advanced link to proceed at my risk. The funny thing is, I got this warning when I installed my self-signed certificate on Tomcat, and looking around the web I understood self-signed certs are not considered safe. So I went ahead and purchased a CA-signed cert and installed that, and ensured my Tomcat config accepted the AJP->Port 8443 flow. I am still seeing the same error, but I can assure you I am hitting the ELB and not EC2.
That’s not AWS causing that then. That’s certificate related. What DNS name are you connecting to? AWS do not care about self-signed certs on Targets.
Are you using an NLB or ALB?
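The name check this thread keeps coming back to, as an added example (not code from any poster or from AWS): a simplified version of the comparison a TLS client makes between the hostname in the URL and the DNS names on the certificate. It assumes the certificate carries only `www.mydomain.com`; the function names and sample data are illustrative.

```python
from urllib.parse import urlsplit

def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Compare one certificate dNSName against the hostname the client asked for.

    Case-insensitive, label by label; "*" is honoured only as the entire
    leftmost label and stands for exactly one label (simplified rules).
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # Refuse overly broad wildcards such as "*.com".
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def cert_covers_url(cert_dns_names, url: str) -> bool:
    """True if any dNSName on the certificate matches the host part of the URL.

    The client checks the name typed in the URL; a CNAME from one name to
    another is resolved by DNS and never enters this comparison.
    """
    host = urlsplit(url).hostname or ""
    return any(dns_name_matches(name, host) for name in cert_dns_names)

# Constructed sample data, using the placeholder names from the thread.
CERT_DNS_NAMES = ["www.mydomain.com"]
URLS = [
    "https://www.mydomain.com/mydomain/blah",
    "https://mydomaincloudlb-XXXXXXX.us-east-1.elb.amazonaws.com/mydomain/blah",
]

if __name__ == "__main__":
    for url in URLS:
        ok = cert_covers_url(CERT_DNS_NAMES, url)
        print(f"{'name matches' if ok else 'name mismatch'}: {url}")
```
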