0

I have a webserver running on a AWS EC2 instance (has an elastic IP) that can be accessed over my own domain (www.xy.ch) via http. Now, I need to access the webserver via https and so I created a certificate for my domain (www.xy.ch), uploaded it to AWS Certificate Manager and added the certificate to a Load Balancer connected with my EC2 instance.

This seems to work so far. When I target the DNS name of my Load Balancer (xyz.eu-central-1.elb.amazonaws.com) with a https in front, I can access my webserver. But the certificate is flagged invalid, because its common subject name (my domain name: www.xy.ch) does not match the input (DNS name of Load Balancer: xyz.eu-central-1.elb.amazonaws.com).

But now, I have no idea how to proceed so that I can access my webserver with https over my own domain (www.xy.ch). It does not work at the moment, so I obviously miss a configuration step, but I really don't understand what.

How can I connect my own domain with the Load Balancer's DNS?

I did some research and tried to understand the answers of similar cases (e.g. Assigning Static IP Address to AWS Load Balancer), but could not find a solution for my case.

David Studer
  • 105
  • 9
  • 1
    You need to point a DNS record for your custom domain `www.xy.ch` to the load balancer. A static IP is not necessary at all. – Mark B Jul 06 '18 at 13:27
  • @MarkB That sounds promising, would you do that with a `CNAME` entry or with another type? And do I then have to delete the entries I already have directed to the elastic IP of my webserver? – David Studer Jul 06 '18 at 14:34
  • If you have www.xy.ch pointing to the elastic IP of your web server, then you are bypassing the load balancer. You need to change that DNS record to point to the load balancer. You probably need to use a CNAME record, but it depends on if you are using Route53 for DNS or not. – Mark B Jul 06 '18 at 14:54
  • Ok, I am not using Route53, I use a third party DNS manager. So I will delete the current entries pointing to my elastic IP and will look if my problem gets solved. – David Studer Jul 06 '18 at 15:04
  • 1
    Yes you will need to create a CNAME record then, that points www.xy.ch to the load balancer's DNS name. – Mark B Jul 06 '18 at 15:16

1 Answers1

0

The solution was indeed to delete all DNS entries pointing to the IP of the webserver and redirecting everything DNS wise over the Load Balancer. Credits to Mark B!

David Studer
  • 105
  • 9