
Setting up HTTPS for ELB and EC2


I am currently hosting a frontend and backend website on AWS. Here is my current setup:

FrontEnd:

  • Static website hosted on S3
  • CloudFront CDN
  • ACM certificate for HTTPS on CloudFront

Backend:

  • Nginx Docker image on EC2
  • ELB setup targeting the single EC2 instance

I have the frontend HTTPS working correctly by generating the certificate for CloudFront using Route 53. For the backend, I set up ELB so that I can use ACM to also manage my backend cert instead of doing it directly on the server.

I am confused about the domain I am supposed to create the certificate for with ELB. Would I need to create a subdomain that points to the DNS location of the EC2 instance? I tried adding the DNS location of the domain ([...].compute-1.amazonaws.com) to generate the cert, but when I try to DNS validate it within ACM, it fails.

Any thoughts?


Solution

  • I am supposed to create the certificate for ELB. Would I need to create a sub domain that points to the DNS location of the EC2 instance?

    You are very close. You need to create a subdomain that points to the DNS of the ELB. You can only create SSL certificates for domains you own. You don't own compute-1.amazonaws.com so you can't create an SSL certificate for that.