Amazon AWS ELB using VPC with SSL

This guide goes through the setup of an ELB (Elastic load balancer in the AWS amazon cloud) with an SSL certificate.

For this test I am going to set up an ec2 instance with Ubuntu 12.10 running an nginx server.

Set up nginx server

Before you set up an ELB you need to have your server set up that you are going to attach to it.

Run the following commands to install nginx on the server

> sudo apt-get update > sudo apt-get upgrade > sudo apt-get install nginx

Start the nginx server

>  sudo /etc/init.d/nginx start

Open the address of the server in a web browser and confirm nginx is running

Create an ELB

Now that you have a server it's time to create an ELB.

Log into the AWS web console and open up the EC2 service

Click on Load Balancers

Click on Create Load Balancer

Give it a name, in my case I called mine  myTestLoadBalancer

In my case I have my ec2 instance running in a VPC I made.  If you are in a similar situation you need to select your VPC from the pull down menu.

Leave the rest of it the same and click continue

Set the health checks.  In my case I kept them the same.  Click Continue

If this is an ELB using a VPC you need to select which subnets it can attach to.  Then click Continue

Assign a security group to the ELB and click continue

Select the instances you want to attach to this load balancer by checking their checkboxes then click Continue.

Review the information and then click Create.

Click "View my load balancers and check their status.

Test the Load balancer

Looking at the load balancer you can see that it has an address associated with it.  In my case it is

myTestLoadBalancer-703543986.us-west-2.elb.amazonaws.com

Now open up the a browser with

http://mytestloadbalancer-703543986.us-west-2.elb.amazonaws.com/

Success!

Associate domain name

I won't go into great detail here but I created a subdomain ssl-test for whiteboardcoder.com on route 53.  I made a CNAME and entered in the ELB name and clicked save Record Set.

If I open http://ssl-test.whiteboardcoder.com/  I get the ELB server

Success!

Adding an SSL certificate to the ELB

What I really want to do is add an SSL certificate to the load balancer.

I already have my SSL certificate set up and ready to go.  I have other posts about how to create an SSL certificate if you get stuck on that.

Assuming you have your SSL certificate here is what you need to do.

Add 443

You need to add port 443 to the ELB

Select the ELB and then click on the Listener tab

From the pull down select HTTPS then click select under the SSL Certificate column

Give it a name,  I called mine ssl-test.

Enter the private Key and Public Key certificates then click Save

Select the certificate you just made and click Save.

Click Save.

Now open the https web site

https://ssl-test.whiteboardcoder.com/

Success!

References