Over a million developers have joined DZone.

Configure AWS Elastic Beanstalk Application to Use SSL

Learn the most simple way to implement HTTPS for an application running on AWS Beanstalk.

· Integration Zone

Learn how API management supports better integration in Achieving Enterprise Agility with Microservices and API Management, brought to you in partnership with 3scale

In this post, I will show you how to set up HTTPS for an application (REST API) running on AWS Elastic Beanstalk. This post is the last in a series of three. As described in my previous two posts, I have performed the first two steps to obtain an SSL certificate for my subdomain and I am ready to use it now in the third and last step:

  • Assign a (sub)domain to your application.
  • Obtain a certificate from the AWS Certificate Manager.
  • Configure AWS Beanstalk application to use SSL.

As I said before, there are multiple ways and variations to implement HTTPS for an application running on AWS but I show just one of them (being the most simple one) here. In this situation we let the elastic load balancer terminate the HTTPS call so our application doesn’t need to have any notion of the SSL part (as I said before this might be the easiest way but doesn’t necessarily mean the best way for certain use cases). To make the load balancer terminate the SSL connection we simply configure the load balancer by using a config script in our .ebextensions folder. In the config script we add a listener on port 443 (default for SSL) and put the ARN of our SSL certificate that is maintained in the AWS Certificate Manager. I also make sure the listener at port 80 is closed so only HTTPS connections are allowed at the ELB. The script looks like this:

option_settings:
  aws:elb:listener:443:
    SSLCertificateId: arn:aws:acm:eu-central-1:101873222293:certificate/46712371-269b-4d9f-f3f4-e83abc78a289
    ListenerProtocol: HTTPS
    InstancePort: 80
    InstanceProtocol: HTTP
  aws:elb:listener:80:
    ListenerEnabled: false


If the environment is now recreated, the API can only be accessed from the outside world via HTTPS as you can see in the following screenshots:

Image title


vs.

Unleash the power of your APIs with future-proof API management - Create your account and start your free trial today, brought to you in partnership with 3scale.

Topics:
elastic load balancer ,ssl ,rest api ,aws elastic beanstalk ,certificate

Published at DZone with permission of Pascal Alma, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}