286a50035f40e3acf0f7ebb667a4da11f0f36750
wiki/ssl-support.md
| ... | ... | @@ -62,4 +62,12 @@ To have a non-SSL `VirtualHost` redirect to the SSL counterpart, use a definitio |
| 62 | 62 | ServerName jobs.sapsailing.com |
| 63 | 63 | RedirectPermanent / https://jobs.sapsailing.com/ |
| 64 | 64 | </VirtualHost> |
| 65 | -``` |
|
| ... | ... | \ No newline at end of file |
| 0 | +``` |
|
| 1 | + |
|
| 2 | +## Elastic Load Balancer (ELB) with SSL / HTTPS |
|
| 3 | + |
|
| 4 | +Amazon EC2 supports uploading the private and public key as well as the certificate chain when adding an HTTPS listener to an ELB. However, this only seems to work properly in the us-east region. As the IAM module has global scope, however, the key uploaded will afterwards be available for ELB HTTPS listener creation in all zones. |
|
| 5 | + |
|
| 6 | +I've uploaded the *.sapsailing.com certificate today (2016-03-06) and named it `sapsailing.com`. |
|
| 7 | + |
|
| 8 | +When you add listeners, make sure they also have the certificate for *.sapsailing.com installed. Choose the `*-SSL` macro variants in your `/etc/httpd/conf.d/001-events.conf` configuration file (which is now the default being generated by the startup script in /etc/init.d/sailing). |
|
| ... | ... | \ No newline at end of file |