Suraj Gautam Blog

Add a custom domain to the elastic beanstalk and enable SSL

Add a custom domain to the elastic beanstalk and enable SSL

Suraj gautam's photo
Suraj gautam
·

3 min read

Elastic Beanstalk is one of the most powerful services powered by AWS for quick deployment and monitoring of your application. It provides a better and easiest way to auto-scale your application and balance workloads. In this article, I am not going to cover how to deploy your application to AWS Elastic Beanstalk, how to add a custom domain, and enable SSL for it.

Prerequisites:

  1. Application deployed in AWS Elastic Beanstalk using Application Load Balancer
  2. A Custom Domain and access to DNS settings

Adding custom domain

application.png

As you can see, demo-application is the name of the application currently deployed. It's a simple Spring Boot application with /api/v1/test endpoint that returns Hello world as a response. Let's see it.

image.png

Cool, the application is working. Now, let's try to add a custom domain first to this application. We need to use the Route53 service from AWS to create a hosted zone.

Steps:

  • Search the Route53 service and go to the dashboard.
  • Click on create hosted zone. Enter the domain you want to link to this ELB. The type would be Public hosted zone.

image.png

  • Click on Create hosted zone.
  • After it is created, click on Create record button.

image.png

  • Toggle the Alias button and in the Choose endpoint select option, choose Alias to Elastic Bean Stalk Environment. After that, choose your region and environment. It looks something like this.

image.png

  • Click create a record.

Now you need to update your nameservers in your domain provider. In my case, it's Google Domain. Head to the DNS settings page and choose custom name servers.

image.png

If you're wondering where did I get those values from, do not worry, it's from the hosted zone dashboard from AWS.

untitled.png

It might take few hours to days depending on your domain provider. Now, when I go to startpeeq.com/api/v1/test I can see a hello world response.

image.png

Adding SSL

If I try to curl the API with HTTPS, it responds time out because it is not enabled. Let's add the certificate now.

curl.png

  • Go to AWS Certificate Manager service and click on Request a public certificate.

request-a-certificate.png

  • Enter the domain name (startpeeq.com in my case) and click on Next.
  • Now comes a validation step where we need to validate that we own this domain. We have two methods of doing it i.e DNS Validation and Email Validation. I chose DNS Validation. I have to create a CNAME Record by clicking on Create Record in Route 53. We are using custom DNS nameservers from the hosted zone. So, it will create a cname record in the hosted zone recordset.

image.png

If you choose Email Validation instead, you will receive an email with a link in emails from your domain provider and you have to click on that link.

After few minutes, you will see the status issued in AWS Certificate Manager. Something like this

image.png

  • Go to your Elastic Beanstic Beanstalk application and click on configuration on the left and edit the load balancer configuration. On the Listeners section, add a new listener.

image.png

In the SSL Certificate, you will see the one we newly created. Apply the configuration and wait until the environment updates.

Testing time

image.png

image.png

Yay, we're done. Thanks a lot for bearing with me for so long. If you need any help or have any suggestions, feel free to reach out. Peace!

AWSsoftware developmentSecuritySSLdns