
I have an EC2 instance that I will use for some backend services in my mobile app. In order to get valid SSL certificates for this instance, here is what I did:

  1. Set up EC2 + Python backend services
  2. Got an OVH domain name
  3. Routed my EC2 elastic IP address with this domain name (both with Route 53 of AWS and in OVH)

Now, I'm trying to get a valid SSL certificate with AWS Certificate Manager, but my request is in pending validation for three days... Did I do something wrong? Thanks a lot for your help.

Abilys38

1 Answer

  1. Does your domain really use the Route53 name servers? That has to be configured in your registrar (OVH?)

  2. Did you create the required ACM validation TXT record in your Route53 Hosted Zone?

  3. You won’t be able to use an ACM-issued certificate in EC2 anyway; ACM certs can only be used with Application Load Balancers (ALB), CloudFront, and some other services. They can’t be exported for use on EC2.

If you’re not planning to use ALB you may consider a LetsEncrypt certificate.

Hope that helps :)

MLu
  • Thanks for your answer. Thus, I need to rely on LetsEncrypt... The problem is I don't have a web hosting subscription in OVH, just a domain subscription. And setting up certificates from the shell is very tough in my instance, as I can't download Certbot :(( – Abilys38 Sep 08 '20 at 11:36
  • Conclusion: There is no easy way to get an official SSL certificate in EC2? – Abilys38 Sep 08 '20 at 11:37
  • @Abilys38 I don’t know OVH, sorry. The easiest is to use *Application Load Balancer* in front of your EC2 and use an ACM-issued certificate. That’s what I would do. Other than that, LetsEncrypt certbot can be made to run on Amazon Linux 2, or you can spin up Ubuntu EC2 where certbot works out of the box. – MLu Sep 08 '20 at 12:04
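The first two checks from the answer (is the domain really delegated to the Route 53 name servers, and does the validation record ACM lists actually resolve) can be scripted. This is an added example, not code from the question or the answer; it assumes `dig` and the AWS CLI are installed, and the domain, hosted zone ID and certificate ARN passed on the command line are your own.

```shell
#!/bin/sh
# Added example: diagnose an ACM certificate stuck in "pending validation".
# Live mode (needs dig + AWS CLI):  sh check.sh <domain> <hosted-zone-id> <cert-arn>
# With no arguments nothing is queried; the functions can be called directly.

# One name per line, lower-cased, quotes and trailing dot removed, sorted.
normalize() {
  tr 'A-Z' 'a-z' | tr -d '"' | tr -s ' \t' '\n' | sed 's/\.$//; /^$/d' | sort -u
}

# $1 = NS set public DNS returns for the domain (what the registrar delegates to)
# $2 = NS set of the Route 53 hosted zone. Prints "ok" or "mismatch".
delegation_status() {
  if [ -n "$1" ] && [ "$(echo "$1" | normalize)" = "$(echo "$2" | normalize)" ]; then
    echo ok
  else
    echo mismatch; return 1
  fi
}

# $1 = value ACM expects for the validation record
# $2 = value resolvers actually return for that name (empty if none)
record_status() {
  if [ -z "$2" ]; then echo missing; return 1; fi
  if [ "$(echo "$1" | normalize)" = "$(echo "$2" | normalize)" ]; then
    echo ok
  else
    echo wrong-value; return 1
  fi
}

check_live() {  # $1 = domain, $2 = hosted zone id, $3 = certificate ARN
  public=$(dig +short NS "$1")
  zone=$(aws route53 get-hosted-zone --id "$2" \
           --query 'DelegationSet.NameServers' --output text)
  echo "delegation: $(delegation_status "$public" "$zone")"
  # Name, type and value of the record ACM is waiting for (tab-separated).
  rec=$(aws acm describe-certificate --certificate-arn "$3" --output text \
    --query 'Certificate.DomainValidationOptions[0].ResourceRecord.[Name,Type,Value]')
  name=$(echo "$rec" | cut -f1); type=$(echo "$rec" | cut -f2)
  want=$(echo "$rec" | cut -f3)
  got=$(dig +short "$type" "$name" | head -n 1)
  echo "validation record ($type $name): $(record_status "$want" "$got")"
}

if [ "$#" -eq 3 ]; then check_live "$@"; fi
```

A `mismatch` on delegation means the registrar still points at other name servers, so a record created in the hosted zone is never seen by ACM.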