@vovanmix
Last active July 5, 2016 21:30
AWS SSL setup

#It's better to terminate the SSL session at the ELB level and make ELB - WS communication plain HTTP

#set up http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html

sudo yum install -y mod24_ssl

By default this sets up a self-signed certificate.

#EC2 LB
Make sure the instance accepts connections on 443. Make sure the LBs are listening on 443 and redirect to 443, and that their health checks are pointed to 443.

#redirect to https
To make requests redirect to https automatically, run sudo nano /etc/httpd/conf.d/ssl.conf and add at the very bottom:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule !(^/emails/(.*)) https://%{HTTP_HOST}%{REQUEST_URI}
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

Another option: edit the main Apache config and add:

<VirtualHost _default_:80>
  DocumentRoot "/opt/bitnami/apache2/htdocs"
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>

#generate a real cert
Issue a certificate, then run sudo nano /etc/httpd/conf.d/ssl.conf and point these directives at it:

SSLCertificateFile      /etc/pki/tls/private/server.crt
SSLCertificateKeyFile   /etc/pki/tls/private/server.key

https://devcenter.heroku.com/articles/ssl-certificate-self
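
Before restarting httpd with new SSLCertificateFile / SSLCertificateKeyFile values, it helps to check that the key matches the certificate, that the certificate is not about to expire, and that the key file is not readable by other users. The script below is an added example, not part of the original gist; the function names, the 14-day threshold and the throwaway example.test pair it generates are assumptions.

```bash
# Pre-flight checks for the files named by SSLCertificateFile and
# SSLCertificateKeyFile. Added example; function names are illustrative.

# 0 if the certificate's public key equals the private key's public half.
cert_matches_key() {  # $1 = certificate, $2 = private key
  local cert_pub key_pub
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
  key_pub=$(openssl pkey -in "$2" -passin pass: -pubout 2>/dev/null) || return 2
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# 0 if the certificate is still valid $2 days from now.
cert_valid_for_days() {  # $1 = certificate, $2 = days
  openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null 2>&1
}

# 0 if the key has no group/other permission bits (GNU stat, as on Amazon Linux).
key_is_private() {  # $1 = private key
  local mode
  mode=$(stat -c '%a' "$1" 2>/dev/null) || return 2
  [ $(( 0$mode & 077 )) -eq 0 ]
}

# Constructed sample: throwaway self-signed pair, valid for 30 days.
make_demo_pair() {  # $1 = directory; writes server.crt and server.key
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=example.test" \
    -keyout "$1/server.key" -out "$1/server.crt" >/dev/null 2>&1
}

preflight() {  # $1 = certificate, $2 = private key
  cert_matches_key "$1" "$2"  || { echo "FAIL: key does not match certificate"; return 1; }
  cert_valid_for_days "$1" 14 || { echo "FAIL: certificate expires within 14 days"; return 1; }
  key_is_private "$2"         || { echo "FAIL: key is readable by group/other"; return 1; }
  echo "OK: $1 matches $2"
}

demo_dir=$(mktemp -d)
make_demo_pair "$demo_dir" && chmod 600 "$demo_dir/server.key"
preflight "$demo_dir/server.crt" "$demo_dir/server.key"
rm -rf "$demo_dir"
```

On the instance, call preflight with the two paths from ssl.conf instead of the demo pair; a mismatched pair is a common reason httpd refuses to start after a certificate swap.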
