I've created an SSL certificate like this:
openssl req -new -newkey rsa:2048 -nodes -keyout mycert.key -out mycert.csr
I filled all required information, especially Common Name (eg, fully qualified host name) []: with test.mydomain.com and I got the files mycert.csr and mycert.key
Then, to generate the cetificate, I ran the command:
openssl x509 -req -days 365 -in mycert.csr -signkey mycert.key -out mycert.crt
Then I used ACM console https://us-east-1.console.aws.amazon.com/acm/home and I imported a new cert using as Certificate body mycert.crt and as Certificate private key mycert.key.
Then, I created an EC2 instances with Amazon Linux 2023 and I assigned an Elastic IP. In this instance I installed an NGINX server as reverse proxy for my nodejs application. I used this configuration file:
server {
listen 80;
listen 443 ssl;
server_name test.mydomain.com;
ssl_certificate /path/to/certs/mycert.crt;
ssl_certificate_key /path/to/certs/mycert.key;
location / {
# My nodejs application lists to 8081 port
proxy_pass http://127.0.0.1:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Using Route53 I created an A record to map the Elastic IP with test.mydomain.com.
The problem is when I access to https://test.mydomain.com using a browser it says that it is not a secure connection like it can't validate ssl cert.
Some ideas?