0
votes

I have a specific use case.

I have a WordPress site which is on an EC2 instance.

There is a classic ELB for this instance.

My EC2 instance is using SSL (letsencrypt). Now I want to use AWS Certificate Manager instead of this one.

And I don't want to communicate over SSL between ELB and EC2 instance. I only need to communicate over SSL between ELB and Client.

How can I accomplish this?

I tried setting the Instance protocol and Instance port of an HTTPS listener in ELB to HTTP and 80 but no luck so far.

Is there anything which needs to be done on WP config side?

1 Answer

1
votes

First of all, you need to have three components for your letsencrypt SSL:

  1. Certificate body
  2. Private key (pem)
  3. Certificate chain

Get these three items, and import the certificate using ACM.

Once you have your certificate, enable the HTTPS listener on your ELB, map it to port 443, and the instance port to 80.

After this, remove HTTPS from your WordPress. Accept only HTTP on port 80. You can modify the security group for EC2 to accept only inbound connections from the ELB.

Hope this helps
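The steps in the answer above written as AWS CLI calls, added here as an example and not part of the original answer. The load balancer name, security group ids and Let's Encrypt directory are placeholders (assumptions), and commands are only printed unless `DRY_RUN=0` is set.

```shell
# Added example: TLS ends at the Classic ELB, plain HTTP goes to the instance.
# Every name below is a placeholder (assumption), not a value from the post.
LB_NAME="${LB_NAME:-my-classic-elb}"
ELB_SG="${ELB_SG:-sg-ELB-PLACEHOLDER}"
INSTANCE_SG="${INSTANCE_SG:-sg-INSTANCE-PLACEHOLDER}"
LE_DIR="${LE_DIR:-/etc/letsencrypt/live/example.com}"

# With DRY_RUN=1 (the default) a command is printed instead of executed.
run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Import the three Let's Encrypt files into ACM; prints the certificate ARN.
import_cert() {
  run aws acm import-certificate \
    --certificate "fileb://$LE_DIR/cert.pem" \
    --private-key "fileb://$LE_DIR/privkey.pem" \
    --certificate-chain "fileb://$LE_DIR/chain.pem" \
    --query CertificateArn --output text
}

# HTTPS on 443 at the ELB, HTTP on 80 to the instance. $1 = certificate ARN.
add_https_listener() {
  run aws elb create-load-balancer-listeners \
    --load-balancer-name "$LB_NAME" \
    --listeners "Protocol=HTTPS,LoadBalancerPort=443,InstanceProtocol=HTTP,InstancePort=80,SSLCertificateId=$1"
}

# Allow port 80 on the instance only from the ELB's security group.
restrict_instance_sg() {
  run aws ec2 authorize-security-group-ingress \
    --group-id "$INSTANCE_SG" --protocol tcp --port 80 \
    --source-group "$ELB_SG"
}

offload_tls() {
  local arn
  arn="$(import_cert)" || return 1
  # In dry-run mode import_cert printed its command, so show it and
  # continue with a placeholder ARN.
  [ "${DRY_RUN:-1}" = "1" ] && { printf '%s\n' "$arn"; arn="CERT_ARN_PLACEHOLDER"; }
  add_https_listener "$arn" && restrict_instance_sg
}

offload_tls
```

`authorize-security-group-ingress` only adds a rule, so any existing rule that opens port 80 or 443 on the instance to other sources still has to be revoked. ACM does not renew imported certificates, so a Let's Encrypt certificate has to be re-imported before it expires.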