amazon-web-services, amazon-elastic-beanstalk, aws-certificate-manager

Where does AWS Elastic Beanstalk Load Balancer look for certifications?


I am setting up an AWS Elastic Beanstalk application and I want the traffic to it to be HTTPS.

I created a DNS CNAME record matching the Beanstalk URL and created and approved a certificate for that DNS name in AWS Certificate Manager.

Now I went to Elastic Beanstalk environment --> Configuration --> Network Tier / Load Balancer (Image below) in order to set the "Secure listener port" from OFF to 443 and choose my certificate.

But my certificate is not there to choose from! So my question is how to get my certificate or a certificate into that selection list, or is that a bug in AWS?

[Image: Elastic Beanstalk listener configuration]

Note - I was able to see my certificate when going to EC2 / Load balancers and was able to change the load balancer from HTTP to HTTPS and choose my certificate there. But this did not reflect on Elastic Beanstalk load balancer configuration that still shows port 80. Using HTTPS to the beanstalk did not work this way.

Help!


Solution

  • The answer by Brian FitzGerald and this blog helped me figure out a simple way to do that (set HTTPS on the Elastic Beanstalk load balancer and use a CRM certificate for it).

    The solution is simpler using the AWS Elastic Beanstalk CLI (eb for short). After you set up the environment properly, you can use the eb config command. When the edit window opens up, scroll down to the aws:elb:loadbalancer section.

    Modify the load balancer section to look like this (in my case I removed port 80 altogether, you may want to keep it):

      aws:elb:loadbalancer:
        CrossZone: 'true'
        LoadBalancerHTTPPort: 'OFF'
        LoadBalancerHTTPSPort: '443'
        LoadBalancerPortProtocol: HTTP
        LoadBalancerSSLPortProtocol: HTTPS
        SSLCertificateId: PLACE HERE THE CRM CERTIFICATE ARN
        SecurityGroups: '{"Fn::GetAtt":["AWSEBLoadBalancerSecurityGroup","GroupId"]},{"Ref":"AWSEBLoadBalancerSecurityGroup"}'
    

    The ARN of the certificate can be found in AWS > Certificate Manager. Open the certificate and copy the ARN number (on the bottom right).

    I saved the configuration, waited for the environment to get updated and that was it.
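
An offline check for the aws:elb:loadbalancer section edited above, added here as an example (it is not code from the answer or from AWS). It confirms the HTTPS listener is on and that SSLCertificateId is an AWS Certificate Manager (ACM) certificate ARN in the same region as the environment, since ACM certificates are regional. The sample section, the placeholder ARN and the function names are constructed for illustration.

```python
import re

# ACM ARN shape: arn:<partition>:acm:<region>:<12-digit account>:certificate/<uuid>
ACM_ARN = re.compile(
    r"^arn:(?:aws|aws-cn|aws-us-gov):acm:([a-z0-9-]+):\d{12}:certificate/[0-9a-f-]{36}$")

# Constructed sample of the section shown by `eb config`; the ARN is a placeholder.
SAMPLE = """\
aws:elb:loadbalancer:
  LoadBalancerHTTPPort: 'OFF'
  LoadBalancerHTTPSPort: '443'
  LoadBalancerSSLPortProtocol: HTTPS
  SSLCertificateId: arn:aws:acm:us-east-1:123456789012:certificate/00000000-0000-0000-0000-000000000000
aws:elb:policies:
"""

def parse_section(text, name="aws:elb:loadbalancer"):
    """Collect the 'key: value' lines nested under one section header."""
    opts, indent = {}, None
    for line in text.splitlines():
        body = line.strip()
        depth = len(line) - len(line.lstrip())
        if body == name + ":":
            indent = depth
        elif indent is not None and body:
            if depth <= indent:  # the next section has started
                break
            key, _, value = body.partition(": ")
            opts[key] = value.strip("'\"")
    return opts

def check_https_listener(opts, env_region):
    """Return a list of findings; an empty list means the section looks right."""
    findings = []
    if opts.get("LoadBalancerHTTPSPort", "OFF") == "OFF":
        findings.append("HTTPS listener is off")
    if opts.get("LoadBalancerSSLPortProtocol") != "HTTPS":
        findings.append("secure listener protocol is not HTTPS")
    arn = ACM_ARN.match(opts.get("SSLCertificateId", ""))
    if not arn:  # also true for IAM server-certificate ARNs, which are not ACM
        findings.append("SSLCertificateId is not an ACM certificate ARN")
    elif arn.group(1) != env_region:
        findings.append(f"certificate region {arn.group(1)} != environment region {env_region}")
    if opts.get("LoadBalancerHTTPPort", "80") != "OFF":  # absent means the default, port 80
        findings.append("note: plain HTTP listener is still enabled")
    return findings

if __name__ == "__main__":
    print(check_https_listener(parse_section(SAMPLE), "eu-west-1"))
```

Pass the region the Elastic Beanstalk environment runs in as env_region; an empty result means the listener settings and the certificate ARN are consistent.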