I've got an AWS API GW that I'm trying to hook up to HTTPS REST endpoints in a different VPC. According to AWS support and the docs I've ready the solution is to use a VPC link pointing to an NLB in the GWs VPC with IP targets in the other VPC. My NLB is HTTPS since the backend services are HTTPS. For the NLB SSL certificate I used ACM to generate a private certificate (based on an ACM private CA). When I test the GW, I get the dreaded General SSLEngine problem error. The NLB is working fine, I can hit it from my browser and get data back from the back-end services. Does the VPC link not trust private certificates? I don't see any way to add CAs. This whole arrangement seems very convoluted to me. Any suggestions?
Can I use VPC Link to NLB with ACM private certificate?
1.4k Views Asked by Malcolm McRoberts At
1
There are 1 best solutions below
Related Questions in AWS-API-GATEWAY
- export function with netbeans from mysql to excel
- issue in my if statement to make comparison in my java program
- How do I change code template triggering behavior in Netbeans 8.0?
- How to get the last integer ID you query in MySQL
- Opening jar file with external library
- How to access a private method
- CoffeeScript For NetBeans 8.0 Plugin: Set Target Folder For Compiles JS
- error with google app engine deploy
- Why won't my JSF app deploy to GlassFish?
- NetBeans commenting
Related Questions in AMAZON-VPC
- export function with netbeans from mysql to excel
- issue in my if statement to make comparison in my java program
- How do I change code template triggering behavior in Netbeans 8.0?
- How to get the last integer ID you query in MySQL
- Opening jar file with external library
- How to access a private method
- CoffeeScript For NetBeans 8.0 Plugin: Set Target Folder For Compiles JS
- error with google app engine deploy
- Why won't my JSF app deploy to GlassFish?
- NetBeans commenting
Related Questions in NLB
- export function with netbeans from mysql to excel
- issue in my if statement to make comparison in my java program
- How do I change code template triggering behavior in Netbeans 8.0?
- How to get the last integer ID you query in MySQL
- Opening jar file with external library
- How to access a private method
- CoffeeScript For NetBeans 8.0 Plugin: Set Target Folder For Compiles JS
- error with google app engine deploy
- Why won't my JSF app deploy to GlassFish?
- NetBeans commenting
Related Questions in AWS-CERTIFICATE-MANAGER
- export function with netbeans from mysql to excel
- issue in my if statement to make comparison in my java program
- How do I change code template triggering behavior in Netbeans 8.0?
- How to get the last integer ID you query in MySQL
- Opening jar file with external library
- How to access a private method
- CoffeeScript For NetBeans 8.0 Plugin: Set Target Folder For Compiles JS
- error with google app engine deploy
- Why won't my JSF app deploy to GlassFish?
- NetBeans commenting
Related Questions in SSLENGINE
- export function with netbeans from mysql to excel
- issue in my if statement to make comparison in my java program
- How do I change code template triggering behavior in Netbeans 8.0?
- How to get the last integer ID you query in MySQL
- Opening jar file with external library
- How to access a private method
- CoffeeScript For NetBeans 8.0 Plugin: Set Target Folder For Compiles JS
- error with google app engine deploy
- Why won't my JSF app deploy to GlassFish?
- NetBeans commenting
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
I have encountered the same problem and after many tests found the root of the problem in the documentation of the API-Gateway. Basically, API-Gateway will not work with any certificates derived from the ACM's Private CAs. This is a list of all valid CAs to use with the API-Gateway:
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-supported-certificate-authorities-for-http-endpoints.html