Hey everyone! I'm working with AWS and have a setup with a Spring Boot application running in a Docker container on an EC2 instance. I've attached an Elastic IP to my EC2 instance, created an Application Load Balancer (ALB), and generated a certificate using AWS Certificate Manager (ACM). My security group is set up to allow HTTPS traffic, but when I access the DNS of the load balancer, I still get a message saying the connection isn't secure. The certificate details appear fine, showing a Common Name (CN) of Amazon RSA 2048 M03. I've mapped my target group to HTTPS port 443, and my load balancer listener is also configured for HTTPS on port 443. What could I be missing to ensure I can access the load balancer securely? Any help would be greatly appreciated!
3 Answers
Exactly! The certificate is tied to your specific domain. You'll need to ensure you're using 'your-super-app.com' or whatever your cert was issued for. Creating a DNS entry that points to the ALB should fix the issue. Also, if you're looking for a guide, check out this link on associating your certificate to the ALB: https://repost.aws/knowledge-center/associate-acm-certificate-alb-nlb
One thing to check is the domain for which you generated the ACM certificate. Make sure you're trying to access that specific domain in your browser instead of the ALB's DNS name. The certificate is associated with your domain, like 'your-super-app.com', not the generic ALB DNS address.
Just a tip, consider keeping your ALB on a public subnet so it has a public IP, but you don’t necessarily need the EC2 instance to be public. You could keep it in a private subnet as long as the ALB can communicate with it. This is generally a better practice for security reasons.
Thanks for the suggestion! I managed to solve it by creating a DNS record that points directly to my ALB's IP. I had the cert for my domain but was initially trying to access the ALB DNS.
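The mismatch discussed in this thread, as an added example that is not part of any post above: a browser compares the name in the address bar against the certificate's DNS names, so a certificate issued for 'your-super-app.com' does not cover the ALB's own DNS name. The SAN list, the ALB DNS name and the IP address below are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data: names an ACM certificate might carry, and the
# names a client might type. None of these come from a real deployment.
CERT_SANS = ["your-super-app.com", "*.your-super-app.com"]
ALB_DNS = "my-alb-1234567890.us-east-1.elb.amazonaws.com"


def _normalize(name):
    # DNS names are case-insensitive; a trailing dot is the same name.
    return name.rstrip(".").lower()


def san_matches(pattern, hostname):
    """RFC 6125-style match of one dNSName SAN entry against a hostname."""
    pattern, hostname = _normalize(pattern), _normalize(hostname)
    try:
        ipaddress.ip_address(hostname)
        return False  # an IP literal never matches a dNSName entry
    except ValueError:
        pass
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    if len(p_labels) != len(h_labels):
        return False  # a wildcard stands for exactly one label
    if p_labels[0] == "*":
        # Wildcard only as the whole left-most label, never on a bare TLD.
        return len(p_labels) > 2 and bool(h_labels[0]) and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def covering_sans(sans, hostname):
    """Return the SAN entries that make the certificate valid for hostname."""
    return [s for s in sans if san_matches(s, hostname)]


if __name__ == "__main__":
    for host in (ALB_DNS, "your-super-app.com", "api.your-super-app.com",
                 "a.b.your-super-app.com", "203.0.113.10"):
        hits = covering_sans(CERT_SANS, host)
        verdict = "OK via " + ", ".join(hits) if hits else "name mismatch warning"
        print(f"{host:50s} {verdict}")
```

Against a live listener, the names to feed into `covering_sans` are the ones under "Subject Alternative Name" in the browser's certificate viewer.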