1

I have just set up my first "Application Load Balancer" and I chose the SSL option to connect allowing AWS to generate the certificate for me based on my domain (www.example.com).

I have set the target to my EC2 instance and now I want to connect to the Load Balancer but not sure how. If I just connect to the DNS name of the load balancer I get an invalid certificate error.

I have read that I need to set a record for my domain but because the IP of an application load balancer may change, not sure if that is a good idea.

The documentation mentions the following:

Clients can use the Server Name Identification (SNI) protocol extension to specify the hostname they are trying to reach.

But I couldn't figure out how to do that. I'm very new to Load Balancers and not quite sure how to proceed.

alionthego
  • 8,508
  • 9
  • 52
  • 125

1 Answers1

2

The following problem is easy to solve with AWS Route 53:

  • Create a hosted zone in Route 53
  • Choose the name of the hosted zone that has the domain name that you want to use to route traffic to your load balancer
  • Choose Create Record Set.

  • Specify the following values:

    Name:

    Type the domain name that you want to use to route traffic to your ELB load balancer. The default value is the name of the hosted zone.

    For example, if the name of the hosted zone is example.com and you want to use acme.example.com to route traffic to your load balancer, type acme.

    Type:

    Choose A – IPv4 address.

    Alias:

    Choose Yes.

    Alias Target

    Find the applicable category in the list (ELB Application Load Balancers, ELB Classic Load Balancers, or ELB Network Load Balancers), and then choose the name that you assigned to the load balancer when you created it.

    Routing Policy: Accept the default value of Simple.

    Evaluate Target Health:

    If you want Route 53 to route traffic based on the health of your resources, choose Yes

  • Choose Create.

Also If you don't want to use Route 53 and if it's not at the apex, you use a CNAME to the ELB.

Refer to this Guide

Something like :

my.web.thingy.org        CNAME  my-loadbalancer-1234567890.us-west-2.elb.amazonaws.com.

And yes you are correct the IP of ELB Changes Frequently and thus it is not recommended to use A Record in DNS.

Hope this Helps

Kush Vyas
  • 5,813
  • 2
  • 26
  • 36
  • I have the hosted zone in Route 53. Excuse the lack of knowledge here, but I click create record set and choose A type. But in the value field, Do I need to put the IP for the load balancer? (which needs to be updated constantly)? Not really very familiar with this process. – alionthego Feb 08 '18 at 10:08
  • okay, I found the article based on your guidance to set up the A record: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-elb-load-balancer.html thanks very much. – alionthego Feb 08 '18 at 10:16
  • Yes I forgot to mention the link , I have updated the answer in detail now so it is easy to understand. – Kush Vyas Feb 08 '18 at 11:04