Enabling HTTPS on EC2 Instance
I have an elastic public IP for my EC2 instance. I have an Nginx server running on it (and nodejs as a backend server). I'd like to enable HTTPS access to my server.
My questions:
-
Can I create an SSL certificate (not self-signed) using just my elastic public IP?
-
If not, my department has a domain. let's say, https://www.example.com. This already points to a server with some IP. How can I enter the record (and where?) so that https://www.example.com/base-route points to my elastic public IP without affecting any existing routes? If this is possible, do I create SSL certificate for https://www.example.com or https://www.example.com/base-route
-
If I create a new SSL certificate for https://www.example.com/base-route, will it have any impact on the existing certificate for https://www.example.com/?
SSL certificates are for verifying hosts. A host is identified by either a domain name (by DNS) or an IP address, so.
-
Yes, you can get a trusted SSL certificate for your IP address. As far as I'm aware of, Riven Cloud sells this for $9/yr which is the cheapest (I'm not affiliated!)
-
No. Certificates are for hosts, not for paths. You have two options here:
- Ask your administrator to delegate a subdomain for you, like
base-route.example.com
, so you can acquire a certificate for that. - Ask your administrator to reverse-proxy the base route to your instance. They'll still handle the certificate issue, but you'll have control over the content of this base path.
- Ask your administrator to delegate a subdomain for you, like
-
As noted in point 2, there's no way you'd get a certificate for a path. You only set it up for a host (domain or IP address).