How do i configure SSL with Dokku on an amazon EC2 instance?

Question

These are the steps that I've taken and either I've missed a step or I'm just going in the wrong direction.

First:

dokku certs:generate app_name domain name

This helped me create a self-signed ssl certificate so now I'm in possession of a server.crt and a server.key file .

Second: I imported this SSL combination into AWS using the AWS certificate manager

Third: I set up a load balancer (not sure if I need one, but it looks like amazon insists on it) I have two listeners on it, one for port 80 for http and one for port 443 for https

Fourth: I set up 2 target groups, one for http and one for https Right now it's health check is saying that none of the two are healthy. If I disable the certificate on dokku with (dokku certs:remove) I noticed that the http one becomes healthy again.

Fifth: I went back to my EC2's security group and updated it to accept inbound and outbound of https along with its other protocols.

Any ideas of what I'm doing wrong/may have missed?

More info: I am running a ruby on rails application with postgres, Unicorn and dokku.

Answer 1

I ended up figuring it out and finding a solution that works for this specific use case (Dokku on EC2, not general EC2 practices).

First most of the steps I listed as having done above are not necessary if you use the dokku/dokku-letsencrypt plugin, found here

Follow the usage instructions in the repo to configure it then, go to you security group settings and allow inbound https over port 443.

No need to deal with the load balancer, target groups or certifcate imports.