9

I know that you can add your own certificate to the domain and point that domain to the AWS Elastic Load Balancer. In my case I don't have domain, but would like still use secure HTTPS/SSL connection when talking client <-> backend. Is it possible to enable HTTPS connection directly to ELB, i.e instead of using http://some-random-url-here.eu-west-1.elb.amazonaws.com I would like to use https://some-random-url-here.eu-west-1.elb.amazonaws.com

That would mean, that AWS would need to provide the cert for the *.elb.amazonaws.com domain. I remember at least long time ago this was possible, but maybe my memory does not serve me right?

Maksim Luzik
  • 5,863
  • 4
  • 36
  • 57

1 Answers1

12

Memory does not serve you right. This is not possible now and would not have been possible in the past. ELBs don't have, and it is not possible to obtain, a certificate like this (including from Amazon Certificate Manager).

In fact, 3rd party providers like Let's Encrypt also have protections to prevent you from obtaining certificates like this, since amazonaws.com is not your domain.

You will need a domain that you control.

Michael - sqlbot
  • 169,571
  • 25
  • 353
  • 427
  • 2
    This is unfortunate but exactly the answer I was looking for. – jamis0n Jan 05 '20 at 20:39
  • @Michael - sqlbot Thank you for the direct answer. I've been researching about how to do this for a day now. I was not expecting to get a certificate but - like in amplifyapp.com that gives you free https - I thought that amazonaws.com can do that too. – MEDZ Jun 14 '20 at 10:00
  • azure can do that, they provide free https for all websites by default. You can add custom domain and your ssl to that if you want. At this point i dont like aws. – Hieu Le Sep 16 '20 at 14:51