0

I'm trying to set my own domain name as an alias for the generated DNS by Amazon's ELB. The generated DNS is not good for me, since I've purchased a certificate for my domain (www.domain.com).

However, when I set www.domain.com to be the alias for uglydns-292929292929.us-west-2.elb.amazonaws.com in route53 panel, and go to my browser to try to access www.domain.com, it automatically changes the URL in address bar to uglydns-292929292929.us-west-2.elb.amazonaws.com:9876/app/path/.

This leads to an awful message on screen saying that the site is using a certificate for www.domain.com and that uglydns-292929292929.us-west-2.elb.amazonaws.com might be a dangerous site.

How could I solve this issue? I need to use my 100 dollars certificate with the load balancer, so a great solution is to give the ELB a domain I create instead of the ugly one generated by aws. Please help!

GregL
  • 9,370
  • 2
  • 25
  • 36
Jorge Cespedes
  • 101
  • 1
  • 2

1 Answers1

2

There are two parts to configuring an ELB to use HTTPS with a custom domain.

  1. Configure the ELB to use your own certificate
  2. Configure a CNAME record for your DNS to point to the ELB (if you are using Route53 you could use an Alias record)

It sounds like you have done the above two steps, but are still having an issue.

If you have a CNAME or Alias record set up this will not cause the URL in your address bar to change. If it is changing then this would be because of some type of redirect your app is performing. Make sure your application is configured to use the actual desired domain name for any type of links or redirects to ensure your browser loads the correct page.

JaredHatfield
  • 256
  • 1
  • 5
  • Thanks @JaredHatfield's for your reply. However, I don't think I understand what you mean.. do you have any links where I can read about what you're suggesting? I'm using a tomcat application server. – Jorge Cespedes Aug 07 '15 at 14:00
  • What I'm saying is if you have a CAME DNS record for www.domain.com pointing to uglydns-292929292929.us-west-2.elb.amazonaws.com and you visit www.domain.com there is no reason for that to change back to the ugly domain unless your tomcat application is doing that. – JaredHatfield Aug 07 '15 at 14:02
  • Yes, unfortunately it keeps happening.. so you suggest that it must be some server configuration issue.. if I'm using apache tomcat, where could I find information regarding the configuration that should be applied to stop this automatic conversion once www.domain.com is resolved. – Jorge Cespedes Aug 07 '15 at 14:10
  • Yes, it seems that some type of server configuration issue is one possibility. However, it is not the only possible cause. What type of DNS record do you have configured? Are you using a CNAME record? If you are using a service to just redirect the domain and not actually a proper CNAME record that is another potential cause of this behavior. – JaredHatfield Aug 07 '15 at 14:13
  • Well I'm using this guide to use a custom domain name: https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/using-domain-names-with-elb.html#dns-associate-custom-elb. It basically says that you have to create A record and select the Alias option, which allows you to select the load balancing public dns. So that's what I did, and certificate warning appears since www.domain.com converted to the generated public dns. – Jorge Cespedes Aug 07 '15 at 14:18
  • I'm still unclear as to the exact issue. Which URL are you seeing in the address bar? If it is www.domain.com and you are getting a certificate error then you did not complete step 1 that I mentioned in my post to upload your certificate to the ELB. – JaredHatfield Aug 07 '15 at 14:21
  • When I go to browser, I type www.domain.com. Once it resolves this domain, it changes to uglydns-292929292929.us-west-2.elb.amazonaws.com:9876/app/path which causes certificate warning to appear on screen, since my SSL certificate was issued for www.domain.com not for uglydns-.......... – Jorge Cespedes Aug 07 '15 at 14:25
  • 2
    Sorry for the extended discussion, one last comment here since I believe my original interpretation of the question was correct. I stand by my original assertion that the redirect to the "ugly" url is occurring because of your application performing some type of redirect. Without additional information as to what your application is doing there is no other additional advice that can be provided. – JaredHatfield Aug 07 '15 at 14:29
  • I moved to chat but to reply your comment.. I'm using default tomcat configuration.. nothing was modified. – Jorge Cespedes Aug 07 '15 at 14:34