All geek questions in one place

How to set SSL between cloud area as reverse proxy cache with regular EC2 origin?

I have my domain names pointing to a cloud-based interface, which, in turn, refers to my EC2 instance using the usual origin. In this case, this is the public DNS name from EC2, for example xxxxx.us-west-2.compute.amazonaws.com. This makes it behave like a reverse proxy.

I have a form that accepts user information, so I would like to configure SSL. Since my primary domain points to cloud mode,

How to configure the connection between the cloud cloud and the EC2 instance using CF as a reverse proxy cache, and the EC2 instance is a custom domain.

I would do this:

  • Create a subdomain for my origin, like "origin.mydomain.com"
  • Get SSL certificate for origin.mydomain.com
  • Set origin.mydomain.com as a cloud source, unlike the instance domain created by amazon. (Not xxxxx.us-west-2.compute.amazonaws.com)

Edit: The modified title and body part for clarity.

+2
source share
2 answers

Yes, this is exactly the idea.

The step you skipped is that you also need an ssl certificate for your primary domain, which you will โ€œinstallโ€ in the CloudFront distribution.

, ( , SAN UCC), ), - - CloudFront - ( - , CloudFront - ).

, CloudFront , CloudFront .

CloudFront AWS Certificate manager. CloudFront, ELB, EC2, , ELB.

Gandi EC2 $16, CloudFront. , , , CloudFront - . LetsEncrypt StartSSL , , , . , , , CloudFront, , CloudFront, , , , . CloudFront SSL, CA, ( 502, StartSSL CloudFront)... , .

+1

Source: https://habr.com/ru/post/1611697/

More articles:


All Articles