2

I am trying to use an Amazon SSL certificate for my app. Currently, I have a dockerized application hosted on an AWS server with an Envoy front proxy. I am using Let's Encrypt SSL certificates for a trusted domain certificate. Now I want to switch to Amazon's SSL certificates.

I am exploring this but I didn't get any clear idea. This blog shows how to enable traffic encryption between services in AWS App Mesh using AWS Certificate Manager, but they have not mentioned how to do it with Envoy proxy.

For Envoy, we have to provide cert and key files. But as per this question, we are not able to download these files from Amazon. Is it possible to use the Amazon certificate with an Envoy front proxy? If yes, then can you please give me an idea/example of how to do it?

Thanks in advance.

aryan

1 Answer

1

Only AWS services can use AWS SSL certificates. If you want to use an AWS SSL certificate for TLS/HTTP traffic, you would use an Application Load Balancer to handle the certificate and send it to your Envoy proxy hosted on an EC2 box. Ideally you would keep the network traffic encrypted, which would require you to use a Let's Encrypt certificate between the Application Load Balancer and EC2.

Josh
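The Envoy side of the layout described in the answer, as an added example that is not part of the original answer: the Application Load Balancer terminates client TLS with the ACM certificate, then re-encrypts to this listener, which serves the existing Let's Encrypt files. The listener port, certificate paths, cluster name and upstream address are assumptions.

```yaml
# Added example: Envoy v3 static config for the ALB -> Envoy hop.
# Port 8443, the /etc/envoy/certs paths and "app_service" are assumed names.
static_resources:
  listeners:
  - name: https_from_alb
    address:
      socket_address: { address: 0.0.0.0, port_value: 8443 }
    filter_chains:
    - transport_socket:
        name: envoy.transport_sockets.tls
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext
          common_tls_context:
            tls_params:
              tls_minimum_protocol_version: TLSv1_2
            tls_certificates:
            # Let's Encrypt chain and key; ACM public certs cannot be exported here.
            - certificate_chain: { filename: /etc/envoy/certs/fullchain.pem }
              private_key: { filename: /etc/envoy/certs/privkey.pem }
      filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: ingress_https
          # The ALB is the only direct peer: trust exactly one X-Forwarded-For
          # hop so access logs and rate limits see the real client address.
          use_remote_address: true
          xff_num_trusted_hops: 1
          route_config:
            virtual_hosts:
            - name: app
              domains: ["*"]
              routes:
              - match: { prefix: "/" }
                route: { cluster: app_service }
          http_filters:
          - name: envoy.filters.http.router
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  clusters:
  - name: app_service
    type: STRICT_DNS
    connect_timeout: 1s
    load_assignment:
      cluster_name: app_service
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: app, port_value: 8080 }
```

With this layout the ALB target group uses protocol HTTPS on the listener port, and the instance security group should accept that port only from the load balancer's security group so the trusted X-Forwarded-For hop cannot be supplied by anyone else.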