2021 Fillmore Street #1128

}

24/7 solutions

Top 10 Cloud Providers

AWS SSL Certificates for Elastic Beanstalk

Joel Garcia Joel Garcia has been building AllCode since 2015. He’s an innovative, hands-on executive with a proven record of designing, developing, and operating Software-as-a-Service (SaaS), mobile, and desktop solutions. Joel has expertise in HealthTech, VoIP, and cloud-based solutions. Joel has experience scaling multiple start-ups for successful exits to IMS Health and Golden Gate Capital, […]

AWS SSL Certificates for Elastic Beanstalk are a pain to configure so I put together the following.

SSL certificates for your vanity domain will work correctly as long as users access your Elastic Beanstalk environment through your vanity domain name.
Certs are not packaged with the war file, but are specified as part of the environment configuration. A procedure for using SSL with Elastic Beanstalk is:
1. Obtain an SSL certificate, either by purchasing one from a certificate vendor or generating a self-signed certificate using a tool such as openssl. To proceed, you’ll need your private key, certificate, and certificate trust chain (if the cert is self-signed).
The best documentation I found for this is here.
2. Download the IAM command-line tools from here and install them on your development machine.
The IAM command-line tool can be found here.

3. Execute iam-servercertupload with the certificate you wish to use. The result of this command will give you an IAM ARN for your certificate.
This command can be tricky. The following will work. You will need to replace your parameters accordingly.

1
iam-servercertupload -b APP.MOBILEAWS.COM.crt -c network_first_add_trust_second_carriage_return.pem -k private-key.pem -s mobileaws_cert_chain_2013 -v

The -b argument will be the Cert that the certicate vendor gives you back.
The -c argument will need to be a concatenation of the other 2 certs that the certificate vendor gives you back.
The -k will need to be the private key that you used to generate the CSR.

4. Go to the AWS Elastic Beanstalk console to enable SSL support. Select a running environment and under Actions -> Edit Config -> Load Balancers, you can set the HTTPS port to either 443 or 8443 and then fill in the SSL Certificate Id with the ARN from the command executed above.
When you run the iam-servercertupload command you will get a bunch of mumbo jumbo back.
What you want is
arn:aws:iam::390195603535:server-certificate/mobileaws_cert_chain_2013
If you fail to copy this out, you can always do

1
iam-servercertgetattributes -s certificate_object_name

This will return something along the lines of
arn:aws:iam::390195603535:server-certificate/mobileaws_cert_chain
ASCAI27AVTTBDM5RKNNY2

Once your configuration deployment finishes, you will have an AWS Elastic Beanstalk Environment whose ELB is using server-side HTTPS.
Joel Garcia
Joel Garcia

Joel Garcia has been building AllCode since 2015. He’s an innovative, hands-on executive with a proven record of designing, developing, and operating Software-as-a-Service (SaaS), mobile, and desktop solutions. Joel has expertise in HealthTech, VoIP, and cloud-based solutions. Joel has experience scaling multiple start-ups for successful exits to IMS Health and Golden Gate Capital, as well as working at mature, industry-leading software companies. He’s held executive engineering positions in San Francisco at TidalWave, LittleCast, Self Health Network, LiveVox acquired by Golden Gate Capital, and Med-Vantage acquired by IMS Health.

Related Articles

What is Tigera?

What is Tigera?

An AWS Advanced Technology Partner, Tigera delivers Calico and Calico Enterprise for security and networking on EKS, both of which are AWS Containers Competency certified.

AllCode AWS Analytics Services

AllCode AWS Analytics Services

AWS Analytics ServicesAWS AthenaS3-based query data using SQLAWS CloudsearchManaged Search ServiceAWS ElasticsearchStreamline Elasticsearch...

Free AWS Services List

Download this FREE list of all 200+ AWS services and ensure that you're using the optimal services for your use case to enhance efficiency and save money!

Free AWS Business Continuity Plan Template

Make sure you have the proper business continuity plan explicitly for you AWS infrastructure. our professionals built this template using AWS best practices so you can ensure it's built to scale! 

Free Cloud Migration Checklist

Without the proper cloud migration strategy, you risk losing time and money. Ensure that your migration process is running smoothly with our FREE cloud migration checklist.

Free AWS Services List

You might be optimizing with the wrong AWS services. Download this FREE list of all 200+ AWS services and ensure that you're using the optimal services for your use case to enhance efficiency and save money!

Download your FREE AWS Business Continuity Plan Template
Download Free 200+ AWS Services Checklist
Download our 10-Step Cloud Migration ChecklistYou'll get direct access to our full-length guide on Google Docs. From here, you will be able to make a copy, download the content, and share it with your team.