The post below describes enabling SSL for a domain that is registered with AWS Route 53, has its DNS managed in Cloudflare, and is served by a load balancer and compute instances hosted on Oracle Cloud Infrastructure (OCI).
Three actors are involved because the domain was previously used for other purposes. Keeping that setup as it is helps illustrate the complexities of working with multiple actors. DNS management could be moved to either AWS or OCI, which would reduce the number of actors in the chain to two.
Starting Point
- bantwal.ch domain obtained from AWS Route 53
- NS records in AWS Route 53 pointing to Cloudflare
- OCI instances instance-web-1 and instance-web-2 serve an Apache web server on http://PUBLICIP:80
Objective
1) Load Balancer in OCI pointing to OCI instances instance-web-1 and instance-web-2
2) Associate domain bantwal.ch with the Load Balancer
3) Enable HTTPS access for bantwal.ch
Steps
1) Create a Load Balancer on the regional subnet, add instance-web-1 and instance-web-2 as backends, and add an HTTP listener
2) Open a browser and run an HTTP test against the public IP of the Load Balancer
Objective 1: Done
3) Domain registrar settings at AWS Route 53
DNS NS records pointing to Cloudflare
4) DNS management in Cloudflare
DNS A record pointing to the Load Balancer created in Step 1
The SSL/TLS setting in Cloudflare is set to Off
5) Open a browser and run a DNS test
Objective 2: Done
6) Get the certificate from a Certificate Authority (CA).
This example uses SSL for Free.
7) Verify the domain
This example uses a DNS CNAME entry in the registrar/DNS management.
Copy the values and verify the domain.
Download the certificate.
8) Create a Certificate object in OCI
Upload the files from the zip file downloaded in the previous step.
9) Create an HTTPS listener in the Load Balancer
10) Add the HTTPS port to the stateful ingress rules on the Load Balancer subnet
11) Access the site using SSL
12) Verify the certificate details in the browser
Objective 3: Done
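A check worth running on the downloaded files before the upload in step 8, shown here as an added example that is not part of the original post: it uses the openssl CLI to confirm that the private key belongs to the certificate, that the certificate covers the domain, and that it is not about to expire. The function names, the file names certificate.crt and private.key, and the 30-day threshold are assumptions.

```bash
#!/usr/bin/env bash
# Added example: sanity checks on CA-issued files before uploading them
# to a load balancer. File names and thresholds are assumptions.

# Returns 0 when the private key belongs to the certificate
# (both must yield the same public key).
key_matches_cert() {
  local cert="$1" key="$2" cert_pub key_pub
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey) || return 2
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 2
  [ "$cert_pub" = "$key_pub" ]
}

# Returns 0 when the certificate is valid for the given host name.
cert_covers_host() {
  local cert="$1" host="$2"
  openssl x509 -in "$cert" -noout -checkhost "$host" \
    | grep -q 'does match certificate'
}

# Returns 0 when the certificate is still valid N days from now.
cert_valid_for_days() {
  local cert="$1" days="$2"
  openssl x509 -in "$cert" -noout -checkend $((days * 86400)) >/dev/null
}

# Runs all three checks and reports every failure, not just the first.
check_lb_cert() {
  local cert="$1" key="$2" host="$3" days="${4:-30}" rc=0
  key_matches_cert "$cert" "$key" \
    || { echo "FAIL: private key does not match certificate"; rc=1; }
  cert_covers_host "$cert" "$host" \
    || { echo "FAIL: certificate does not cover $host"; rc=1; }
  cert_valid_for_days "$cert" "$days" \
    || { echo "FAIL: certificate expires within $days days"; rc=1; }
  if [ "$rc" -eq 0 ]; then echo "OK: files are consistent for $host"; fi
  return "$rc"
}

# Usage: ./check.sh certificate.crt private.key bantwal.ch [days]
if [ "$#" -ge 3 ]; then
  check_lb_cert "$@"
fi
```

Once the HTTPS listener is live, the same expiry and host checks can be rerun against the certificate the Load Balancer actually serves.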