I am currently trying to set up HTTPS for my backend program (Spring Boot). My first step was to deploy my backend program using AWS Fargate, which gives a public IP over HTTP.
Then I set up an AWS Application Load Balancer for the AWS Fargate using HTTP only. This process was successful and I am able to call my BE program through the LB with a domain that looks like this (the numbers and LB name here are not the real ones):
test-lb-123456.ap-southeast-1.elb.amazonaws.com
Then I wanted to add an HTTPS listener to the LB, so I clicked on "Add Listener" and "Requests a new ACM Certificate" just like the picture below.
Then, when prompted for a domain name, I added the exact domain that I mentioned above.
But this request always fails with the error:
Additional verification required to request certificates for one or more domain names in this request
My question is, am I doing this correctly? Should I not add the "test-lb..." domain above when prompted for a new certificate? If not, then what domain should I use?
Thank You
EDIT: Apparently the images might not be displayed correctly yet because I am a low-reputation user, hopefully the images will be shown after review. reference
CodePudding user response:
You can't get a valid SSL certificate for test-lb-123456.ap-southeast-1.elb.amazonaws.com. This is because this domain belongs to AWS. To get HTTPS on your ALB, you need your own domain. You can buy it from Route53 or any external domain registrar.
Once you have your own domain, you can get a free SSL certificate for it using AWS ACM.
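The steps from the answer above written as AWS CLI calls, as an added example that is not part of the original question or answer. The domain `api.example.com`, the function names and the ARN arguments are placeholders chosen for illustration.

```bash
#!/usr/bin/env bash
# Added example: ACM certificate for a domain you control, attached to an ALB
# HTTPS listener. Domain, function names and ARNs are placeholders.

# Return 0 for a multi-label name outside amazonaws.com, 1 otherwise.
# This only rules out AWS-owned names such as the ALB's default
# *.elb.amazonaws.com hostname; control of the domain itself is proven
# later by the DNS validation record.
is_candidate_domain() {
  _n=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  _n=${_n%.}                           # drop a trailing root dot
  case "$_n" in
    ""|amazonaws.com|*.amazonaws.com) return 1 ;;
    *.*) return 0 ;;
    *)   return 1 ;;                   # single label, not a public FQDN
  esac
}

# Request a DNS-validated certificate and print its ARN.
request_cert() {
  is_candidate_domain "$1" || { echo "refusing: $1 is not your own domain" >&2; return 1; }
  aws acm request-certificate --domain-name "$1" --validation-method DNS \
    --query CertificateArn --output text
}

# Print the CNAME record ACM expects in your DNS zone.
show_validation_record() {
  aws acm describe-certificate --certificate-arn "$1" \
    --query 'Certificate.DomainValidationOptions[0].ResourceRecord' --output json
}

# After the CNAME exists: wait for issuance, then add the 443 listener.
add_https_listener() {   # args: cert_arn lb_arn target_group_arn
  aws acm wait certificate-validated --certificate-arn "$1" &&
  aws elbv2 create-listener --load-balancer-arn "$2" \
    --protocol HTTPS --port 443 \
    --ssl-policy ELBSecurityPolicy-TLS13-1-2-2021-06 \
    --certificates "CertificateArn=$1" \
    --default-actions "Type=forward,TargetGroupArn=$3"
}

# Usage (placeholders):
#   arn=$(request_cert api.example.com)
#   show_validation_record "$arn"      # create this CNAME, then:
#   add_https_listener "$arn" "$LB_ARN" "$TG_ARN"
```

Your own domain also needs a DNS record (a CNAME, or a Route 53 alias) pointing at the ALB's `elb.amazonaws.com` name, so that clients connect using the hostname the certificate covers.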