1

I have an EC2 instance that I will use for some backend services in my mobile app. In order to get valid SSL certificates for this instance, here is what I did:

  1. Setup EC2 + python backend services
  2. Got an OVH domain name
  3. routed my EC2 elastic IP adress with this domain name (both with Route 53 of AWS and in OVH)

Now, I'm trying to get a valid SSL certificate with AWS Certificate Manager, but my request is in pending validation for three days... Did I do something wrong? Thanks a lot for your help.

Improve this question
1
  • Monday was a holiday in the USA and there was a weekend before that.
    – Michael Hampton
    Commented Sep 8, 2020 at 12:55

1 Answer 1

Reset to default
1

  1. Does your domain really use the Route53 name servers? That has to be configured in your registrar (OVH?)

  2. Did you create the required ACM validation TXT record in your Route53 Hosted Zone?

  3. You won’t be able to use an ACM-issued certificate in EC2 anyway, ACM certs can only be used with Application Load Balancers (ALB), CloudFront, and some other services. They can’t be exported for use on EC2.

If you’re not planning to use ALB you may consider a LetsEncrypt certificate.

Hope that helps :)

Improve this answer
3
  • Thanks for your answer. Thus, I need to rely on LetsEncrypt... The problem is I don't have a web hosting subscription in OVH, just a domain subscription. And setting up certificates from the shell is very tough in my instance, as I can't download Certbot :((
    – Abilys38
    Commented Sep 8, 2020 at 11:36
  • Conclusion: There is no easy way to get a official ssl certificate in EC2 ?
    – Abilys38
    Commented Sep 8, 2020 at 11:37
  • 1
    @Abilys38 I don’t know OVH, sorry. The easiest is to use Application Load Balancer in front of your EC2 and use ACM issued certificate. That’s what I would do. Other than that LetsEncrypt certbot can be made to run on Amazon Linux 2, or you can spin up Ubuntu EC2 where certbot works out of the box.
    – MLu
    Commented Sep 8, 2020 at 12:04

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .