rerouting DNS to AWS ELB with SSL/TLS

1
votes

I'm trying to create a production topology and got stuck in the final step of creating an https connection to my site when rerouting from my domain to AWS ELB.

relevant info:
* An ELB [*.elb.amazonaws.com] that forwards both 80 and 443 requests to the web server
* I've bought example.com from GoDaddy.
* On Godaddy added forwarding from example.com to https://*.elb.amazonaws.com
* Created a certificate for *.example.com on AWS and attached to the ELB
* Limited access to the webserver so all goes through the ELB
* Created (but currently disabled) http->https reroute on the web server

What's working:
* http://*.elb.amazonaws.com launches the site correctly
* https://*.elb.amazonaws.com launches the site correctly
* http://example.com launches the site correctly

not working:
* https://example.com fails to load (error: too long to respond)

Any help would be much appreciated!

2
amazon-web-servicesamazon-elbamazon-route53

2 Answers

2
votes

I suspect that GoDaddy isn't listening on 443 for example.com

Forwarding isn't really the right way to do this, I'd suggest creating a hosted zone in AWS Route 53 and changing the Name Servers in GoDaddy to the ones provided by AWS Route 53. This will cost about $0.50/mo.

After that, you can point the domain straight at the Alias record for the ELB and have one less stage in the process.

1
votes

You can't have several NS entities publishing your domain. So although port numbers are not the issue, Martin is right;

When you need forwarding (to the ELB) you should:
1. create a zone in AWS
2. publish an alias (your ELB DNS)
3. make AWS your sole publisher by changing on Godaddy the nameservers to those of AWS (listed in the domain's zone)

This will effectivly cause AWS to be your publisher and make a quicker resolve process as it won't need to resolve several times.