Howto install the api gateway client certificate into Elastic beanstalk
I have a scalable application on elastic beanstalk running on Tomcat. I read that in front of Tomcat there is an Apache server for reverse proxy. I guess I have to install on apache the client certificate and configure it to accept only request encrypted by this certificate, but I have no idea how to do that. Can you help me?
After many researches I found a solution. According to the difficult to discover it I want share with you my experience. My platform on elastic beanstalk is Tomcat 8 with load balancer. To use the client certificate (at the moment I was writing) you have to terminate the https on instance http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance.html then http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-tomcat.html I used this configuration to use both client and server certificates (seems that it doesn't work only with client certificate) SSLEngine on SSLCertificateFile "/etc/pki/tls/certs/server.crt" SSLCertificateKeyFile "/etc/pki/tls/certs/server.key" SSLCertificateChainFile "/etc/pki/tls/certs/GandiStandardSSLCA2.pem" SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder On SSLVerifyClient require SSLVerifyDepth 1 SSLCACertificateFile "/etc/pki/tls/certs/client.crt" And last thing: api gateway doesn't work with self signed cerificate (thanks to Client certificates with AWS API Gateway), so you have to buy one from a CA.
You might have to configure the ELB's listener for vanilla TCP on the same port instead of HTTPS. Basically TCP pass through at your ELB, your instance needs to handle on the SSL in order to authorize the requests which provided a valid client certificate.
AWS Elastic Beanstalk - Source code in inner folder
Does anyone deploy meanio project to AWS Elasticbeanstalk?
Elastic Beanstalk randomly goes offline
How to enable parse server rest api
How to deploy config.json on elastic beanstalk
Error in AWS ElasticBeanStalk python 27 application that was running fine
Using elastic ip for amazon's ElasticBeanstalk instance
Creating custom scaling trigger for elastic beanstalk
Failing to deploy flask app on AWS Elastic Beanstalk environment
Elastic Beanstalk IAM developer permissions
Elastic beanstalk not using reserved instance
Updating AWS Elastic Bean has encountered a . How to resolve this?
How to automatically remove instances in EB whose status OutOfService is?
chmod configuration in elastic beanstalk
Where can I find elastic beanstalk “instance health for details”