AWS Elastic Beanstalk Namecheap SSL 配置 [英] AWS Elastic Beanstalk Namecheap SSL Configuration
问题描述
我的 iOS 软件平台在 AWS Elastic Beanstalk 上运行,并有一个我们称之为something.elasticbeanstalk.com"的 URL.我有一个我们称之为website.com"的网站,我通过 Namecheap 购买并操作了 DNS 记录.我需要让我的 iOS 客户端应用程序使用 URL 连接到服务器 HTTPS,因为 Apple 由于应用程序传输安全性很快要求这样做.
My iOS software platform runs on AWS Elastic Beanstalk and has a URL we'll call "something.elasticbeanstalk.com". I have a website we'll call "website.com" I purchased and operate the DNS records for through Namecheap. I need to make the URL my iOS client apps use to connect to the server HTTPS since Apple is requiring this soon due to App Transport Security.
我认为我应该做什么
我认为我应该做的是,为website.com"创建一个 SSL 证书并将该 SSL 证书应用到 AWS EB 负载均衡器.然后我需要为website.com"创建一个子域,将流量重定向到something.elasticbeanstalk.com".客户端应用程序连接到website.com"的子域,现在是 HTTPS 并重定向到something.elsastic.beanstalk.com".正确吗?
What I think I'm supposed to do is, create an SSL certificate for "website.com" and apply that SSL certificate to the AWS EB load balancer. Then I need to create a subdomain for "website.com" that redirects traffic to "something.elasticbeanstalk.com". Client apps connect to the subdomain of "website.com" which is now HTTPS and redirects to "something.elsastic.beanstalk.com". Is that correct?
到目前为止我做了什么
到目前为止,我使用 AWS Certificate Manager 为website.com"创建了 SSL 证书.为此,我必须验证与website.com"相关联的电子邮件地址.然后,我在 AWS 管理控制台中将该 SSL 证书应用于我环境的负载均衡器.之后,我进入 Namecheap 并关注 本指南在域名"中AWS 53 管理部分来做.
So far, I created a SSL certificate for "website.com" using AWS Certificate Manager. For this I had to verify my email address associated with "website.com". I then applied that SSL certificate to my environment's load balancer int the AWS Management Console. After that, I went into Namecheap and followed this guide in the 'Domain Name & AWS 53 Management' section to do it.
我在这篇文章 中读到我需要创建别名和/或在 AWS Route53 中设置名称服务器.我尝试这样做,但不知道我在做什么,它似乎与我上面链接的 Medium 文章冲突,我随后告诉我更改 URL 的 CNAME 记录和website.com"的重定向 URL 记录.
I read in this article that I needed to create an alias and/or set up Nameservers in AWS Route53. I tried doing that but don't know what I'm doing and it seems to conflict with the Medium article I linked above that I followed telling me to change the CNAME record for the URL and the Redirect URL record for "website.com".
问题
接下来我该怎么做?
推荐答案
SITUATION
-我在 Elastic Beanstalk 上有一个解析服务器,URL 为something.elasticbeanstalk.com"
-I have a Parse Server on Elastic Beanstalk with URL "something.elasticbeanstalk.com"
-我有一个名为website.com"的 Namecheap 域
-I have a domain with Namecheap called "website.com"
我需要什么
我需要让我的客户端应用程序连接到一个 HTTPS 地址,因为 Apple 很快就会通过 App Transport Security 要求它.由于我无法使用 AWS 证书管理器为something.elasticbeanstalk.com"获取 SSL 证书,因此我为website.com"创建了一个.然后,我需要让我的客户端应用程序连接到 HTTPSwebsite.com",然后将其转发到something.elasticbeanstalk.com".这满足了 Apple 的 HTTPS 要求.
I needed to make my client app connect to an HTTPS address since Apple is requiring it shortly with App Transport Security. Since I couldn’t get an SSL certificate using AWS certificate manager for "something.elasticbeanstalk.com", I created one for "website.com". I then needed to have my client app connect to the HTTPS "website.com" which would forward it over to "something.elasticbeanstalk.com". This satisfied the HTTPS requirements of Apple.
怎么做
使用 AWS Certificate Manager 为website.com"制作 SSL 证书.您需要通过向管理员发送的确认电子邮件来确认域.
Make an SSL certificate for "website.com" using AWS Certificate Manager. You will need to confirm the domain via a confirmation email to the administrator for it.
Apple 将website.com"的 SSL 证书发送到 AWS EB 负载均衡器.转到您的 AWS EB 控制台,单击配置",单击网络层"类别下的负载平衡".现在,在第一个类别负载均衡器"下,选择您创建的 SSL 记录并将其应用到SSL 证书 ID"部分.
Apple the SSL certificate for "website.com" to the AWS EB Load Balancer. Go to your AWS EB Console, click "configuration", click "Load Balancing" under the "Network Tier" category. Now under the first category which is "Load Balancer", select the SSL record you made and apply it in the "SSL certificate ID" section.
为website.com"设置 CNAME 记录,其中包含您想要的website.com"子域的主机.我选择了data"作为我的主机值和子域(所以我的子域是data.website.com").将 CNAME 记录的值设置为something.elasticbeanstalk.com".等待它的传播.它通常很快,但并非总是如此.
Set a CNAME record for "website.com" with a host of whatever subdomain of "website.com" you want. I chose "data" as my host value and subdomain (so my subdomain is "data.website.com"). Set the value of the CNAME record to "something.elasticbeanstalk.com". Wait for it to propagate. It’s usually pretty fast but not always.
(我不确定这个特定步骤是否正确,但对我有用)将 Parse-Server 的 serverURL 设置为https://something.elasticbeanstalk.com" 和 publicServerURL 到https://data.something.com"
(I’m unsure if this particular step is proper but it worked for me) Set the serverURL of Parse-Server to "https://something.elasticbeanstalk.com" and the publicServerURL to "https://data.something.com"
在客户端应用程序中使应用程序能够连接到服务器的解析initializeWithConfiguration"方法中,将服务器 URL 更改为https://data.something.com/parse".注意:包括/parse",它是解析服务器的安装路径.这个值对你来说可能会有所不同,具体取决于你如何设置它,但我将它设置为/parse",因为这是我在 Parse-Server 文档中看到的.
In the Parse "initializeWithConfiguration" method in your client app that enables the app to connect to the server, change the server URL to "https://data.something.com/parse". NOTE: include the "/parse" which is the MOUNT PATH of the parse-server. This value MAY BE DIFFERENT for you depending on how you set it but I set it to "/parse" since that’s what I saw in the Parse-Server docs.
注意事项
-我删除了所有 Route53 记录,因为它们在此处无关紧要,因为something.com"DNS 服务由 Namecheap 控制.
-I deleted all Route53 records since they are irrelevant here since "something.com" DNS services are controlled by Namecheap.
-Namecheap 中的重定向 URL 记录是不必要的
-A Redirect URL record in Namecheap is unnecessary
这篇关于AWS Elastic Beanstalk Namecheap SSL 配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
