Tomcat with SSL enabled behind an ELB
up vote
1
down vote
favorite
My current setup is as follow
ELB (80) ----- > (8080)
ELB (443) ------> (8080) (with a certificate installed in the ACM)
So from the client to ELB the connection secure but from the ELB to my app the connection becomes insecure.
I would like to archive this:
ELB (80) ----- > (8080)
ELB (443) ------> (8443) (with a certificate installed in the ACM)
I would like to start having my Tomcat running on 8443 with SSL enabled.
Is it correct to say that I will need to install the same certificate that is currently installed on the ELB ?
Or will installing a 'self signed' localhost certificate on the Tomcat be enough ?
I'm asking because I did tried the above but didn't seem to work and I don't know if it is because I wrongly configured tomcat or because I need a proper certificate. I'm not entirely sure how the ELB forwards the SSL requests to the app.
tomcat ssl certificate amazon-elb
asked Nov 8 at 10:58
Marco
566
add a comment |
up vote
1
down vote
favorite
My current setup is as follow
ELB (80) ----- > (8080)
ELB (443) ------> (8080) (with a certificate installed in the ACM)
So from the client to ELB the connection secure but from the ELB to my app the connection becomes insecure.
I would like to archive this:
ELB (80) ----- > (8080)
ELB (443) ------> (8443) (with a certificate installed in the ACM)
I would like to start having my Tomcat running on 8443 with SSL enabled.
Is it correct to say that I will need to install the same certificate that is currently installed on the ELB ?
Or will installing a 'self signed' localhost certificate on the Tomcat be enough ?
I'm asking because I did tried the above but didn't seem to work and I don't know if it is because I wrongly configured tomcat or because I need a proper certificate. I'm not entirely sure how the ELB forwards the SSL requests to the app.
tomcat ssl certificate amazon-elb
asked Nov 8 at 10:58
Marco
566
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
My current setup is as follow
ELB (80) ----- > (8080)
ELB (443) ------> (8080) (with a certificate installed in the ACM)
So from the client to ELB the connection secure but from the ELB to my app the connection becomes insecure.
I would like to archive this:
ELB (80) ----- > (8080)
ELB (443) ------> (8443) (with a certificate installed in the ACM)
I would like to start having my Tomcat running on 8443 with SSL enabled.
Is it correct to say that I will need to install the same certificate that is currently installed on the ELB ?
Or will installing a 'self signed' localhost certificate on the Tomcat be enough ?
I'm asking because I did tried the above but didn't seem to work and I don't know if it is because I wrongly configured tomcat or because I need a proper certificate. I'm not entirely sure how the ELB forwards the SSL requests to the app.
tomcat ssl certificate amazon-elb
asked Nov 8 at 10:58
Marco
566
My current setup is as follow
ELB (80) ----- > (8080)
ELB (443) ------> (8080) (with a certificate installed in the ACM)
So from the client to ELB the connection secure but from the ELB to my app the connection becomes insecure.
I would like to archive this:
ELB (80) ----- > (8080)
ELB (443) ------> (8443) (with a certificate installed in the ACM)
I would like to start having my Tomcat running on 8443 with SSL enabled.
Is it correct to say that I will need to install the same certificate that is currently installed on the ELB ?
Or will installing a 'self signed' localhost certificate on the Tomcat be enough ?
I'm asking because I did tried the above but didn't seem to work and I don't know if it is because I wrongly configured tomcat or because I need a proper certificate. I'm not entirely sure how the ELB forwards the SSL requests to the app.
tomcat ssl certificate amazon-elb
tomcat ssl certificate amazon-elb
asked Nov 8 at 10:58
Marco
566
asked Nov 8 at 10:58
Marco
566
asked Nov 8 at 10:58
Marco
566
asked Nov 8 at 10:58
Marco
566
asked Nov 8 at 10:58
Marco
566
566
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
Answering my own question.
Yes it is possible to use a self signed cert
ELB (HTTP 80) ----- > (HTTP 8080)
ELB (SSL 443) ------> (SSL 8443) (with a certificate installed in the ACM)
answered Nov 9 at 14:44
Marco
566
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
Answering my own question.
Yes it is possible to use a self signed cert
ELB (HTTP 80) ----- > (HTTP 8080)
ELB (SSL 443) ------> (SSL 8443) (with a certificate installed in the ACM)
answered Nov 9 at 14:44
Marco
566
add a comment |
up vote
0
down vote
Answering my own question.
Yes it is possible to use a self signed cert
ELB (HTTP 80) ----- > (HTTP 8080)
ELB (SSL 443) ------> (SSL 8443) (with a certificate installed in the ACM)
answered Nov 9 at 14:44
Marco
566
add a comment |
up vote
0
down vote
up vote
0
down vote
Answering my own question.
Yes it is possible to use a self signed cert
ELB (HTTP 80) ----- > (HTTP 8080)
ELB (SSL 443) ------> (SSL 8443) (with a certificate installed in the ACM)
answered Nov 9 at 14:44
Marco
566
Answering my own question.
Yes it is possible to use a self signed cert
ELB (HTTP 80) ----- > (HTTP 8080)
ELB (SSL 443) ------> (SSL 8443) (with a certificate installed in the ACM)
answered Nov 9 at 14:44
Marco
566
answered Nov 9 at 14:44
Marco
566
answered Nov 9 at 14:44
Marco
566
answered Nov 9 at 14:44
Marco
566
566
add a comment |
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53206328%2ftomcat-with-ssl-enabled-behind-an-elb%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
