I would like to change my API from HTTP to HTTPS in API Gateway, but I get the following error:
Endpoint request headers: {x-amzn-apigateway-api-id=ghqsfz8w25,
Accept=application/json, User-Agent=AmazonAPIGateway_xxxx,
Host=xxx-nlb-ecs-service-xxx-xxxcea41.elb.eu-west-1.amazonaws.com,
X-Amzn-Trace-Id=Root=1-xxx-xxx}
Endpoint request body after transformations:
Sending request to https://xxx-nlb-ecs-service-xxx-xxxcea41.elb.eu-west-1.amazonaws.com
Execution failed due to configuration error:
Host name 'vpce-xxx007-xxxb1h.vpce-svc-xxx318ce.eu-west-1.vpce.amazonaws.com' does
not match the certificate subject provided by the peer (CN=*.domain.eu)
Method completed with status: 500
With the following configuration:
- A wildcard certificate *.domain.eu is used
- The wildcard certificate is assigned to the NLB 443 listener
- The NLB is integrated with vpce-svc-xxx318ce endpoint in VPC Endpoint Services (AWS PrivateLink)
- The wildcard certificate is assigned to the custom domain in API-GW
- The custom domain includes mappings to different APIs (like: api.domain.eu/api1v1, api.domain.eu/api2v1)
The settings of the API method are:
- Integration type: VPC link
- VPC link: {VPC link to the NLB}
- Endpoint URL: https://xxx-nlb-ecs-service-xxx-xxxcea41.elb.eu-west-1.amazonaws.com
With HTTP this configuration was working. Now it seems that I need to associate the VPC endpoint with the wildcard certificate. It is my first experience with AWS and I am not a network expert. Any ideas how I can fix this issue?
Thanks in advance!