AWS 将 https 证书放在哪里
[英]AWS Where to put the https certificate
问题描述
I would like to make the following structure for my web application
我想为我的 web 应用程序制作以下结构
Visitor ==>>> CloudFront-> ALB -> ASG (nginx servers)访客 ==>>> CloudFront-> ALB -> ASG(nginx 服务器)
I have only one HTTPS certificate for my domain name.我的域名只有一个 HTTPS 证书。 I will upload it to ACM but where to attach?我会将它上传到 ACM,但要附加到哪里? To the Cloudfront?去云端? Or to the ALB?还是去 ALB? Maybe to the hosts?也许对主人? Or everywhere the same?还是到处都一样?
Can I use the same in all places?我可以在所有地方使用相同的吗?
I tried to add it only to the NGINX but it can be used only locally and others from acm我试图将它仅添加到 NGINX,但它只能在本地使用,其他来自 acm
1 个解决方案
解决方案1
1 已采纳 2023-01-20 12:10:05
Firstly you can use SSL on all levels (cloudfront, ALB, and Nginx Servers).首先,您可以在所有级别(云端、ALB 和 Nginx 服务器)上使用 SSL。
- For Cloudfront, you need to upload your cert to ACM on us-east-1 region.对于 Cloudfront,您需要将证书上传到 us-east-1 区域的 ACM。
On clodfrount configuration page select alternate domain and put your domain to be used, then it will ask cert you need to select it from selection options.
在 clodfrount 配置页面 select 备用域并放置要使用的域,然后它会从选择选项中询问您需要 select 的证书。 - For ALB you need upload it to ACM on ALB region.对于 ALB,您需要将其上传到 ALB 区域上的 ACM。
While you go to listeners, then you configure listener for 443 or another you can select SSL cert on there.
当您将 go 设置为侦听器时,您可以为 443 或另一个配置侦听器,您可以在此处设置 select SSL 证书。 - For Nginx, you can use configure your nginx.conf to use cert.对于 Nginx,您可以使用配置 nginx.conf 来使用证书。 It will ask cert and key, you will put them on somewhere at disk.它会询问证书和密钥,你会把它们放在磁盘的某个地方。
BTW, You can configure only on cloudfront for visitors and you don't need to use SSL for internal communication if your data is not too important (Credit card etc.)顺便说一句,您只能在云端为访问者配置,如果您的数据不太重要(信用卡等),则不需要使用 SSL 进行内部通信。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.