AWS Elastic Beanstalk Namecheap SSL配置 [英] AWS Elastic Beanstalk Namecheap SSL Configuration
问题描述
我的iOS软件平台在AWS Elastic Beanstalk上运行,并具有我们称为"something.elasticbeanstalk.com"的URL.我有一个网站,我们将其称为"website.com",该网站是我通过Namecheap购买和操作的DNS记录.我需要将iOS客户端应用程序的URL设置为用于连接服务器HTTPS的URL,因为由于应用程序传输安全性,Apple很快会要求使用此URL.
My iOS software platform runs on AWS Elastic Beanstalk and has a URL we'll call "something.elasticbeanstalk.com". I have a website we'll call "website.com" I purchased and operate the DNS records for through Namecheap. I need to make the URL my iOS client apps use to connect to the server HTTPS since Apple is requiring this soon due to App Transport Security.
我应该做的事情
我想我应该做的是,为"website.com"创建一个SSL证书,然后将该SSL证书应用于AWS EB负载均衡器.然后,我需要为"website.com"创建一个子域,以将流量重定向到"something.elasticbeanstalk.com".客户端应用程序连接到现在为HTTPS的"website.com"的子域,并重定向到"something.elsastic.beanstalk.com". 正确吗?
What I think I'm supposed to do is, create an SSL certificate for "website.com" and apply that SSL certificate to the AWS EB load balancer. Then I need to create a subdomain for "website.com" that redirects traffic to "something.elasticbeanstalk.com". Client apps connect to the subdomain of "website.com" which is now HTTPS and redirects to "something.elsastic.beanstalk.com". Is that correct?
我做的如此遥远
到目前为止,我已经使用AWS Certificate Manager为"website.com"创建了SSL证书.为此,我必须验证与"website.com"关联的电子邮件地址.然后,我将该SSL证书应用于AWS管理控制台中环境的负载均衡器.之后,我进入Namecheap并遵循.
So far, I created a SSL certificate for "website.com" using AWS Certificate Manager. For this I had to verify my email address associated with "website.com". I then applied that SSL certificate to my environment's load balancer int the AWS Management Console. After that, I went into Namecheap and followed this guide in the 'Domain Name & AWS 53 Management' section to do it.
我阅读了这篇文章,我需要创建别名和/或在AWS Route53中设置名称服务器.我尝试这样做,但是不知道我在做什么,这似乎与上面链接的中型"文章相冲突,之后我告诉我更改URL的CNAME记录和"website.com"的重定向URL记录
I read in this article that I needed to create an alias and/or set up Nameservers in AWS Route53. I tried doing that but don't know what I'm doing and it seems to conflict with the Medium article I linked above that I followed telling me to change the CNAME record for the URL and the Redirect URL record for "website.com".
问题
我从这里做什么?
推荐答案
情况
-我在Elastic Beanstalk上有一个解析服务器,其URL为"something.elasticbeanstalk.com"
-I have a Parse Server on Elastic Beanstalk with URL "something.elasticbeanstalk.com"
-我有一个名称便宜的域名"website.com"
-I have a domain with Namecheap called "website.com"
我需要的
我需要使我的客户端应用程序连接到HTTPS地址,因为苹果很快就要求使用App Transport Security.由于无法使用AWS证书管理器获得"something.elasticbeanstalk.com"的SSL证书,因此我为"website.com"创建了一个SSL证书.然后,我需要让我的客户端应用程序连接到HTTPS"website.com",然后将其转发到"something.elasticbeanstalk.com".这满足了Apple的HTTPS要求.
I needed to make my client app connect to an HTTPS address since Apple is requiring it shortly with App Transport Security. Since I couldn’t get an SSL certificate using AWS certificate manager for "something.elasticbeanstalk.com", I created one for "website.com". I then needed to have my client app connect to the HTTPS "website.com" which would forward it over to "something.elasticbeanstalk.com". This satisfied the HTTPS requirements of Apple.
如何做
-
使用AWS Certificate Manager为"website.com"制作SSL证书.您需要通过发送给管理员的确认电子邮件来确认域.
Make an SSL certificate for "website.com" using AWS Certificate Manager. You will need to confirm the domain via a confirmation email to the administrator for it.
苹果将"website.com"的SSL证书发送到AWS EB负载均衡器.转到您的AWS EB控制台,单击配置",再单击网络层"类别下的负载平衡".现在,在第一个类别"Load Balancer"下,选择您创建的SSL记录,并将其应用到"SSL证书ID"部分.
Apple the SSL certificate for "website.com" to the AWS EB Load Balancer. Go to your AWS EB Console, click "configuration", click "Load Balancing" under the "Network Tier" category. Now under the first category which is "Load Balancer", select the SSL record you made and apply it in the "SSL certificate ID" section.
为"website.com"设置一个CNAME记录,并带有所需的"website.com"子域的任何主机.我选择数据"作为主机值和子域(所以我的子域是"data.website.com").将CNAME记录的值设置为"something.elasticbeanstalk.com".等待它传播.通常速度很快,但并非总是如此.
Set a CNAME record for "website.com" with a host of whatever subdomain of "website.com" you want. I chose "data" as my host value and subdomain (so my subdomain is "data.website.com"). Set the value of the CNAME record to "something.elasticbeanstalk.com". Wait for it to propagate. It’s usually pretty fast but not always.
(我不确定此特定步骤是否正确,但对我有用)将Parse-Server的serverURL设置为" https://data的publicServerURL .something.com "
(I’m unsure if this particular step is proper but it worked for me) Set the serverURL of Parse-Server to "https://something.elasticbeanstalk.com" and the publicServerURL to "https://data.something.com"
在客户端应用程序的Parse"initializeWithConfiguration"方法中,该方法使该应用程序能够连接到服务器,请将服务器URL更改为" https://data.something.com/parse ".注意:包括"/parse",它是解析服务器的安装路径.根据您的设置方式,此值可能与您有所不同,但我将其设置为"/parse",因为这是我在Parse-Server文档中看到的.
In the Parse "initializeWithConfiguration" method in your client app that enables the app to connect to the server, change the server URL to "https://data.something.com/parse". NOTE: include the "/parse" which is the MOUNT PATH of the parse-server. This value MAY BE DIFFERENT for you depending on how you set it but I set it to "/parse" since that’s what I saw in the Parse-Server docs.
注释
-我删除了所有Route53记录,因为它们与此处无关,因为"something.com" DNS服务由Namecheap控制.
-I deleted all Route53 records since they are irrelevant here since "something.com" DNS services are controlled by Namecheap.
-不需要Namecheap中的重定向URL记录
-A Redirect URL record in Namecheap is unnecessary
这篇关于AWS Elastic Beanstalk Namecheap SSL配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
