1

Is there a way to retrieve a certificate from Amazon Certificate Manager in the .ebextensions file for a single beanstalk instance without a load balancer?

The documentation only shows a way to retrieve a certificate from an S3 Bucket. https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-storingprivatekeys.html

I'm considering rebuilding my app environment with an 'application' load balancer for this cert manager convenience even though I don't need it for this lightly used internal app. We don't have an S3 Bucket set up and I think the cost of that would be almost the same as a load balancer.

Brian Bauer
  • 135
  • 10

2 Answers2

2

like @Rodrigo said, it's not possible to use the ACM cert on a single instance setup.

You can use the ACM certificate with only certain AWS services. as of today, here is the list of services that supports ACM certs.

• Elastic Load Balancing – Refer to the Elastic Load Balancing documentation

• Amazon CloudFront – Refer to the CloudFront documentation

• Amazon API Gateway – Refer to the API Gateway documentation

• AWS Elastic Beanstalk – Refer to the AWS Elastic Beanstalk documentation

Reference: With which AWS services can I use ACM certificates?

Arun Kamalanathan
  • 8,107
  • 4
  • 23
  • 39
1

Unfortunately, there is no way to export the ACM private key for use outside of the service.

Please see How do I retrieve the private key for a certificate generated on AWS Certificate Manager? and https://serverfault.com/questions/822035/download-ssl-certificate-from-aws-certificate-manager

Rodrigo Murillo
  • 13,080
  • 2
  • 29
  • 50