麻烦HTTPS自工作在AWS弹性负载平衡器签名证书 [英] Trouble getting https to work with self signed certificate on aws elastic load balancer
问题描述
我有我的AWS弹性负载平衡器使用自签名证书问题,配置HTTPS。之后我与架设完成,使得连接到HTTPS端点不起作用。 HTTP连接仍然有效。
I am having issue configuring https on my aws elastic load balancer using a self-signed certificate. After I've done with the set up, making connection to https endpoint does not work. http connection is still fine.
下面是我所做的。
-
使用此命令生成的自签名证书
Generate the self-signed certificate using this command
OpenSSL的REQ -x509 -nodes -days 365 -newkey RSA:2048 -keyout privateKey.key退房手续certificate.crt 的
验证密钥和证书正在使用这个命令:
Verified the key and certificate is working by using this command:
OpenSSL的RSA -in privateKey.key - 检查的
OpenSSL的X509 -in certificate.crt -text -noout 的
键和证书转换证书成质子交换膜连接codeD格式符合AWS证书的要求。
Convert the certificate the key and the cert into a .pem encoded format to comply with aws certificate requirement.
OpenSSL的RSA -in privateKey.key -text> private.pem 的
OpenSSL的X509 -inform PEM -in certificate.crt> public.pem 的
上传使用AWS管理控制台证书到我的弹性负载均衡器 <一href="http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/US_UpdatingLoadBalancerSSL.html">http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/US_UpdatingLoadBalancerSSL.html.对于私钥和公钥证书的价值,我曾经在第3步中生成的private.pem和public.pem。
Upload the certificate to my elastic load balancer using the the AWS Management Console http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/US_UpdatingLoadBalancerSSL.html. For the private key and public cert value, I used the private.pem and public.pem that were generated in step 3.
走进EBL监听器配置,增加了HTTPS侦听器,并使用了我刚刚上传了证书。下面是监听器的配置:
Go into EBL Listener configuration, added a https listener and used the certificate that I just uploaded. Here's the configuration for the Listener:
这是什么可能是错误的,我配置的任何想法?谢谢!
Any thought on what might be wrong in my configuration? Thanks!!!
推荐答案
请问负载均衡器的安全组包括入站HTTPS 443端口的源0.0.0.0/0?我只花了几个小时,直到我终于找到了这个解决方案。
Does the Security Groups of the Load Balancer include an inbound HTTPS 443 Port for source 0.0.0.0/0? I just spent a few hours until I finally found this solution.
这篇关于麻烦HTTPS自工作在AWS弹性负载平衡器签名证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!