amazon-web-services https ssl-certificate tls1.2 aws-acm

Is it possible to achieve end-to-end HTTPS encryption from ALB to EC2 using ACM?


Can we use an AWS ACM certificate to achieve TLS/SSL encryption up to the EC2 level? My EC2 sits behind a load balancer. I learned that ACM certs can be used only on managed services like load balancers, CloudFront, etc., and can't be used on EC2, which means the connection will be HTTP from ALB to EC2. How can we achieve end-to-end HTTPS if ACM can be used only on AWS ALB? Can it be done with a combination of ACM and a self-signed certificate? Is there any article that throws light on this setup?


Solution

  • How can we achieve an end-to-end https if ACM can be used only on AWS ALB?

    You need to use a self-signed certificate between the ALB and your instances. ALB does not change the validity of the certificate on the instance, thus as long as you have it set up, you will be fine.

    How to set up a self-signed certificate depends solely on your use case (which Linux distro, whether you use nginx or not, and more). For example, for instances with Ubuntu 18.04 I was using the following guide from DigitalOcean without issues in the past:
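
One way to create and check the instance-side self-signed certificate with `openssl`, as an added example that is not part of the original answer and is not the DigitalOcean guide it refers to. The function names, file names, hostname and 365-day lifetime are assumptions.

```shell
#!/bin/sh
# Added example: self-signed certificate for the HTTPS listener on an
# instance behind the ALB. File names, hostname and lifetime are assumptions.

# make_backend_cert DIR HOSTNAME [DAYS]
# Writes DIR/backend.key and DIR/backend.crt (RSA 2048, SAN = HOSTNAME).
make_backend_cert() {
    dir=$1; host=$2; days=${3:-365}
    mkdir -p "$dir" || return 1
    (
        umask 077   # private key must be readable by its owner only
        openssl req -x509 -newkey rsa:2048 -nodes \
            -keyout "$dir/backend.key" -out "$dir/backend.crt" \
            -days "$days" -subj "/CN=$host" \
            -addext "subjectAltName=DNS:$host" 2>/dev/null
    )
}

# cert_matches_key CRT KEY
# Succeeds only when the certificate's public key belongs to the private key,
# which catches a mismatched pair before the web server refuses to start.
cert_matches_key() {
    crt_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    [ "$crt_pub" = "$key_pub" ]
}

# cert_valid_for CRT DAYS
# Succeeds when the certificate is still valid DAYS from now; run it from a
# scheduled job so the expiry of the backend certificate is noticed in time.
cert_valid_for() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}

# Stand-alone use: sh backend-cert.sh /etc/ssl/backend backend.internal.example
if [ "$#" -ge 2 ]; then
    make_backend_cert "$@" && cert_matches_key "$1/backend.crt" "$1/backend.key"
fi
```

Point the web server on the instance at the two generated files and set the ALB target group protocol to HTTPS, so that the ACM certificate covers the client-to-ALB leg and the self-signed one covers ALB-to-EC2.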