Trouble getting https to work with self signed certificate on aws elastic load balancer

Michael picture Michael · Sep 12, 2013 · Viewed 9.3k times · Source

I am having issue configuring https on my aws elastic load balancer using a self-signed certificate. After I've done with the set up, making connection to https endpoint does not work. http connection is still fine.

Here's what I did.

  1. Generate the self-signed certificate using this command

    openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt

  2. Verified the key and certificate is working by using this command:

    openssl rsa -in privateKey.key -check
    openssl x509 -in certificate.crt -text -noout

  3. Convert the certificate the key and the cert into a .pem encoded format to comply with aws certificate requirement.

    openssl rsa -in privateKey.key -text > private.pem

    openssl x509 -inform PEM -in certificate.crt > public.pem

  4. Upload the certificate to my elastic load balancer using the the AWS Management Console http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/US_UpdatingLoadBalancerSSL.html. For the private key and public cert value, I used the private.pem and public.pem that were generated in step 3.

  5. Go into EBL Listener configuration, added a https listener and used the certificate that I just uploaded. Here's the configuration for the Listener:

    enter image description here

Any thought on what might be wrong in my configuration? Thanks!!!

Answer

Dan McNerthney picture Dan McNerthney · Nov 19, 2013

Does the Security Groups of the Load Balancer include an inbound HTTPS 443 Port for source 0.0.0.0/0? I just spent a few hours until I finally found this solution.