In this post, we will be using Ebextension to deploy the SSL in Elastic beanstalk without using Elastic Load balancer(ELB). As I make sure bring the ssl with hassle free with a simple steps and simple configuration.
Clone the project locally to your linux machine.
Copy the ebxtenstion as .ebxtenstion in your core code and upload a same in your AWS Elastic Beanstalk.
cp -r ebxtenstion <path_to_your_application>/.ebxtenstion
Add the below Environment properties in you Elastic Beanstalk.
| key | value |
|---|---|
| cert_path | <download_link> |
| key_path | <download_link> |
| location_cert_key | /mnt/cert/ |
- Create a https nginx configuration with the as /etc/nginx/sites-available/https_server.conf
- Delete the location_cert_key directory and create the same.
- Download the cert_path and key_path.
- Move those file to location_cert_key.
- Edit the https_server.conf with respective certificate and key path.
- Link the /etc/nginx/sites-available/https_server.conf to /etc/nginx/sites-enabled/https_server.conf
- Add the post script to restart the nginx(/opt/elasticbeanstalk/hooks/appdeploy/post/99_restart_nginx.sh).
Why restart the nginx in post script rather in the Ebextension?
As ebextenstion will execute at the start of the deployment itself and if you try to restart the application initially at those time docker(your application) will not be up and running and it will end up in error in connection so I have added the nginx restart as separate script in post deployment.