简体繁体 English

HTTPS AWS Elastic Beanstalk

[英]HTTPS AWS Elastic Beanstalk

原文 2018-08-30 19:00:04 4 1 node.js/ amazon-web-services/ ssl/ https/ amazon-elastic-beanstalk

I'm trying to get my AWS Elastic Beanstalk environment to use HTTPS...however, when I open my site in a browser it is showing an insecure connection. 我试图让我的AWS Elastic Beanstalk环境使用HTTPS ...但是，当我在浏览器中打开网站时，它显示不安全的连接。

I'm not sure if this is an issue with my security groups or load balancer configuration... 我不确定这是否是我的安全组或负载均衡器配置的问题...

load balancer config 负载均衡器配置

security group config 安全组配置

1 个解决方案

You should assign a certificate to your environment's load balancer: 您应该为环境的负载均衡器分配一个证书：

Open the Elastic Beanstalk console. 打开Elastic Beanstalk控制台。

Navigate to the management page for your environment. 导航到您的环境的管理页面。

Choose Configuration. 选择配置。

On the Load balancer configuration card, choose Modify. 在负载均衡器配置卡上，选择“修改”。
Note 注意
If the Load balancer configuration card doesn't have a Modify button, your environment doesn't have a load balancer. 如果负载均衡器配置卡没有“修改”按钮，则您的环境没有负载均衡器。

On the Modify load balancer page, the procedure varies depending on the type of load balancer associated with your environment. 在“修改负载均衡器”页面上，该过程根据与您的环境关联的负载均衡器的类型而有所不同。
Classic Load Balancer 经典负载均衡器

Choose Add listener. 选择添加侦听器。

In the Classic Load Balancer listener dialog box, configure the following settings: 在“经典负载平衡器”侦听器对话框中，配置以下设置：

For Listener port, type the incoming traffic port, typically 443. 对于侦听器端口，键入传入的通信端口，通常为443。

For Listener protocol, choose HTTPS. 对于侦听器协议，选择HTTPS。

For Instance port, type 80. 对于“实例端口”，键入80。

For Instance protocol, choose HTTP. 对于实例协议，选择HTTP。

For SSL certificate, choose your certificate. 对于SSL证书，请选择您的证书。

Choose Add. 选择添加。

Application Load Balancer 应用程序负载均衡器

Choose Add listener. 选择添加侦听器。

In the Application Load Balancer listener dialog box, configure the following settings: 在“应用程序负载平衡器”侦听器对话框中，配置以下设置：

For Port, type the incoming traffic port, typically 443. 对于“端口”，键入传入的流量端口，通常为443。

For Protocol, choose HTTPS. 对于协议，选择HTTPS。

For SSL certificate, choose your certificate. 对于SSL证书，请选择您的证书。

Choose Add. 选择添加。
Note 注意
If the drop-down menu doesn't show any certificates, you should create or upload a certificate for your custom domain name in AWS Certificate Manager (ACM) (preferred), or upload a certificate to IAM with the AWS CLI. 如果下拉菜单未显示任何证书，则应在AWS Certificate Manager（ACM）中为您的自定义域名创建或上传证书（首选），或使用AWS CLI将证书上传到IAM。

Choose Apply. 选择应用。

Reference: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-elb.html 参考： https : //docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-elb.html

Edit: If you're issue is related to untrusted certificate, follow these steps: https://aws.amazon.com/pt/premiumsupport/knowledge-center/acm-certificate-error-https/ 编辑：如果您的问题与不受信任的证书有关，请按照以下步骤操作： https : //aws.amazon.com/pt/premiumsupport/knowledge-center/acm-certificate-error-https/

If you imported a self-signed certificate using AWS Certificate Manager (ACM), the certificate might not be trusted by some browsers. 如果您使用AWS Certificate Manager（ACM）导入了自签名证书，则某些浏览器可能不信任该证书。 To resolve this error, Request a Certificate using ACM or contact your CA. 要解决此错误，请使用ACM申请证书或联系您的CA。