I’m learning the basics of AWS Services and I found Elastic Beanstalk to be very interesting. I wanted to build a test environment with active HTTPS.
Since I’m not able to provide a valid SSL certificate for the given domain (instance.server.elasticbeanstalk.com) for HTTPS I have to use one of my own domains. Buying a domain would be too much for this small case so I decided, I’m going to use a subdomain of my company’s domain like aws.mycompany.com.
I don’t have too deep knowledge about DNS records, Nameservers but I’ve found an awesome article about redirecting a subdomain to an AWS service, that would be able to work with Elastic Beanstalk without using even Elastic IPs, Route 53 A record can be assigned to an EB Instance, so you don’t need to pass an exact, static IP address.
If you are not familiar with Elastic Beanstalk, here is a good start point to set up a test server with a basic website (Laravel):
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/php-laravel-tutorial.html
Redirect a subdomain to your Elastic Beanstalk with AWS Route 53:
Thanks for Scott there is a very straightforward tutorial that you can follow even with almost zero knowledge.
The short version is, you should create a nameserver in the Route 53 console, and assign the nameservers with the subdomain on the domain’s DNS editor.
For the details, check this article below:
Adding SSL Cert to AWS:
So, our subdomain points to our Elastic Beanstalk instance (website), now we need an SSL Certification. You can generate and validate one on the website below:
I used the DNS verification process and added the required TXT record on Route 53 page:
https://console.aws.amazon.com/route53/home#hosted-zones:
Follow the steps, wait until your domain has been verified by the TXT record (reload the verification page from the Step 3.), then click to Download SSL Certificate button.
Download and backup your certification package, don’t close the page!
Open Amazon Certificate Manager
https://us-west-1.console.aws.amazon.com/acm/home?region=us-west-1
Import the generated SSL Certificate (copy-paste the strings from the certification generator or from the downloaded zip file).
If everything is fine, after import you should see a green ‘issued’ text on your Amazon Certificate Manager home page.
HTTPS and Elastic Beanstalk
If you’re using Load Balancers you have to add a Listener:
Go to your Elastic Beanstalk instance, select Configuration -> Load Balancers Click Add Listener button in Application Load Balancer section:
Select HTTPS protocol (port 443), and select the certification that you just added in Amazon Certificate Manager.
Save, scroll down and Apply the changes, and wait until your instance is up again. Usually, you should get an ‘ Environment update completed successfully’ or something like this.
If you open your subdomain, it should point to your server and the HTTPS connection should work.
