- Newest
- Most votes
- Most comments
As Steve_M mentioned, you cannot get a certificate for amazonaws.com domain as you do not own it. There are a few options.
You can purchase a new domain from external providers or from Amazon Route 53. After which, create DNS record that resolves to your EC2 IP, obtain a SSl/TLS cert and install on your EC2. You can either purchase a certificate or use tools such as certbot to obtain a free SSL cert.
Alternatively, you can use Amazon CloudFront to front your EC2 instance. It will create a new http/https distribution with name in the form of https://[cloudfront-distribution-id].cloudfront.net. As you have a self-signed cert on your EC2, configure your CloudFront origin policy to http only.
How do I get a signed certificate to run on amazonaws.com domain?
You can't. This is something that pretty much everybody comes across when we start out on AWS, and get our first webserver running on EC2.
You can only generate certs for domains that you own, and (stating the obvious) you don't own amazonaws.com - Amazon does. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#ssl_prereq
To use your EC2 instance to host a public website, you need to register a domain name for your web server
Relevant content
- asked 2 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 years ago