0

I know similar questions have been asked here and I read them all, but I could not get a clear answer. So I am asking here.

I have an EC2 instance.It is a dedicated instance running LAMP. Everything works fine in this using http. I want to run it over https. After reading much about using https on EC2 and then using https over apache a lot of suggestions/information seems to overlap or contradict and I do not have enough clarity.

Here are what I think needs to be done. Can anyone tell me if I got it right, or correct me if I am wrong?

  • So I think the first thing to do is in the AWS console I need to do some setting that enables port 443 for my EC2 instance.
  • I need a cert file. Since I do not have any commercial ones, I can temporarily create and use a self-signed one for testing purposes.
  • This temporary self-signed cert is created using the openssl command
  • Once I create the temp self-signed cert, I need to update httpd.conf to support it (some additional config lines)
  • At this point https should work, but maybe with a warning since it is self-signed
  • When going live, I just need to replace the cert files with the ones that was purchased.

Are these assumptions right? Or is there no need for all the openssl thingy in AWS and instead it can be managed from AWS console?

Is there a way to check if a cert is already installed in the instance (I am thinking it could be that the cert is there but the port has not been enabled in the AWS console...)

Any pointers are greatly appreciated!

open_sourse
  • 141
  • 2
  • 8

2 Answers2

1

Https over apache requires mod-ssl that requires a library such as openssl. Please ensure that iptables / allows the https port Not sure if you are using an image that provides a test cert. You could check for it in the docs or in the httpd-ssl.conf. Otherwise what you have detailed captures the essential teps.

Khanna111
  • 234
  • 2
  • 6
1

LAMP Stands for Linux, Apache, MySQL, PHP

The only additional steps needed to be taken on EC2 are opening up the correct ports (HTTPS defaults to 443).

Once that has been done, the instructions are the same for any LAMP server. This includes the openssl commands to generate and self-sign the certificate for use.

kmac
  • 146
  • 4