Way to have certificates installed on individual EC2 instances

amazon-web-services ssl-certificate

I'm trying to see if I can install certificates on individual instances in AWS.

I currently use a certificate on the load balancer, but does that mean that the certificate is installed on all the instances that use that load balancer?

This page: https://aws.amazon.com/certificate-manager/faqs/ says that certificates provided by ACM can only be used with specific AWS services: Elastic Load Balancing and Amazon CloudFront.

If I get the certificate from another service, is there a way to install it on the instances and make sure it's installed on all other instances that get spun up when scaling up and adding new EC2 instances?

Best Answer

A certificate installed on the load balancer using Certificate Manager is only on the ELB. AWS can't automatically put anything on your EC2 instance's EBS volume. You, however, can do anything on an EC2 instance you can do on any other server. You can't use the certificate from Certificate Manager on your instance; it's not available.

If you want the connection between ELB and your web server to be HTTPS, you need to install your own certificate. I have a tutorial on how to do this with Nginx and Let's Encrypt available here. There are dozens of tutorials and dozens of ways to do this.
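One way to get a certificate from another provider onto every instance that scaling launches, as an added example that is not part of the original answer: a user-data script that pulls the certificate and key from a secret store at boot and installs them for Nginx. The use of AWS Secrets Manager, the secret names, the `/etc/nginx/tls` path, and an instance role allowed to read the secrets are all assumptions.

```shell
#!/bin/bash
# Added example: launch-time (user data) script. Secret names and paths are
# assumptions; the Nginx server block must point at the files written here.
set -eu

CERT_SECRET="${CERT_SECRET:-example/web/tls-cert}"   # hypothetical secret name
KEY_SECRET="${KEY_SECRET:-example/web/tls-key}"      # hypothetical secret name
TLS_DIR="${TLS_DIR:-/etc/nginx/tls}"                 # assumed install path

# Return one secret's text value. Needs an instance role that may read it.
fetch_secret() {
  aws secretsmanager get-secret-value --secret-id "$1" \
    --query SecretString --output text
}

# install_secret <secret-id> <dest> <mode>: write atomically, fail on empty.
install_secret() {
  local value tmp
  value="$(fetch_secret "$1")" || { echo "fetch failed: $1" >&2; return 1; }
  [ -n "$value" ] || { echo "empty secret: $1" >&2; return 1; }
  tmp="$(mktemp "$2.XXXXXX")"          # mktemp creates the file as 0600
  printf '%s\n' "$value" > "$tmp"
  chmod "$3" "$tmp"
  mv -f "$tmp" "$2"                    # same directory, so the rename is atomic
}

install_tls_material() {
  mkdir -p "$1"
  chmod 700 "$1"
  install_secret "$CERT_SECRET" "$1/server.crt" 644 &&
  install_secret "$KEY_SECRET"  "$1/server.key" 600
}

main() {
  install_tls_material "$TLS_DIR"
  # Refuse to reload Nginx if the certificate and key do not belong together.
  [ "$(openssl x509 -in "$TLS_DIR/server.crt" -noout -pubkey | openssl sha256)" = \
    "$(openssl pkey -in "$TLS_DIR/server.key" -pubout | openssl sha256)" ] \
    || { echo "certificate and key do not match" >&2; exit 1; }
  nginx -t && systemctl reload nginx
}

# Runs only when invoked as the launch script: bootstrap.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```

Placed in the launch template's user data, this runs on each new instance, so the private key lives in the secret store rather than being baked into the AMI.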