3

I have installed nginx server in Amazon Linux 2 environment. During creation Elastic Load Balancer I created an free certificate by Amazon. Now, I want to access my server through https (port 443). How can I configure this SSL certificate in nginx.conf?

SSL configuration in nginx.conf is now commented. I saw it contains two lines like:

 #        ssl_certificate "/etc/pki/nginx/server.crt";
 #        ssl_certificate_key "/etc/pki/nginx/private/server.key";

Now, what is the location of Amazon certificate and key file location?

Rejaul
  • 831
  • 1
  • 12
  • 35

1 Answers1

6

You can't do this. ACM certificates can only be used on load balancers (LBs), CloudFront distributions and API gateway. They can't be used on instances.

This way you terminate your https on the LB, then from the LB there is only http connection to your instances:

Client ----(https)---> LB ----(http)----> Instance(s)

If you want to have https between LB and your instances, then you have to use self-signed certificate for that, but this is not commonly used. Usually termination of the https on the LB is sufficient.

Marcin
  • 215,873
  • 14
  • 235
  • 294
  • When I access LB DNS, my laravel application's url('/') helper generates http but not https. – Rejaul Nov 23 '20 at 03:01
  • @Rejaul Have you setup redirection from port 80 to 443 on the LB, so that you always server https? – Marcin Nov 23 '20 at 03:05
  • No but I can access to https://example.com but still laravel's url('/') giving http. – Rejaul Nov 23 '20 at 03:16
  • @Rejaul Probably something wrong with your LB listeners. Can you double check them if they are https? – Marcin Nov 23 '20 at 03:18
  • 1
    Solved. I have configured Laravel's trusted proxies. https://laravel.com/docs/5.8/requests#configuring-trusted-proxies – Rejaul Nov 23 '20 at 10:36