DEV Community

Hari Bantwal

HTTPS Enablement with DNS Registrar: AWS Route 53, DNS Management: Cloudflare, Load Balancer: OCI

The post below describes SSL enablement for a domain registered with AWS Route 53, DNS management in Cloudflare, and the setup of load balancers and compute instances hosted on Oracle Cloud Infrastructure (OCI).

Three actors are involved because the domain was previously used for other purposes. Keeping that setup as it is helps illustrate the complexity of working across multiple providers. DNS management could be moved to either AWS or OCI, which would reduce the number of actors in the chain to two.


Starting Point

  1. bantwal.ch domain obtained from AWS Route 53
  2. NS records in AWS Route 53 pointing to Cloudflare
  3. OCI instances instance-web-1 and instance-web-2 serve an Apache web server on http://PUBLICIP:80

Objective
1) Load balancer in OCI pointing to OCI instances instance-web-1 and instance-web-2
2) Associate the domain bantwal.ch with the load balancer
3) Enable HTTPS access for bantwal.ch

Steps

1) Create a load balancer on the regional subnet, add instance-web-1 and instance-web-2 as backends, and add an HTTP listener


2) Open a browser and run an HTTP test against the public IP of the load balancer


Objective 1: Done

3) Domain registrar settings at AWS Route 53


DNS NS records pointing to Cloudflare

4) DNS management in Cloudflare


DNS A record pointing to the load balancer created in Step 1

The SSL/TLS setting in Cloudflare is set to Off


5) Open a browser and run a DNS test


Objective 2: Done

6) Get the certificate from a certificate authority (CA)

This example uses SSL for Free.


7) Verification of domain

This example uses a DNS CNAME entry in the registrar/DNS management.


Copy the values and verify the domain.


Download the certificate.

8) Create a Certificate object in OCI


Upload the files from the zip file downloaded in the previous step.


9) Create an HTTPS listener in the load balancer


10) Add the HTTPS port to the stateful ingress rules on the load balancer subnet


11) Access the site using SSL


12) Verify the certificate details in the browser


Objective 3: Done
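
A scripted check for step 10, as an added example that is not part of the original post: it audits the ingress rules of the load balancer subnet's security list for a stateful HTTPS rule and for anything else exposed to the internet. It assumes the JSON shape printed by `oci network security-list get`, port 443 for the HTTPS listener and port 80 for the HTTP listener; the sample rules are constructed.

```python
import json

# Constructed sample in the shape printed by `oci network security-list get`
# (kebab-case keys); the rules themselves are made up for this example.
SAMPLE = json.loads("""
{"data": {"ingress-security-rules": [
  {"protocol": "6", "source": "0.0.0.0/0", "is-stateless": false,
   "tcp-options": {"destination-port-range": {"min": 80, "max": 80}}},
  {"protocol": "6", "source": "0.0.0.0/0", "is-stateless": true,
   "tcp-options": {"destination-port-range": {"min": 443, "max": 443}}},
  {"protocol": "6", "source": "0.0.0.0/0", "is-stateless": false,
   "tcp-options": {"destination-port-range": {"min": 22, "max": 22}}}
]}}
""")

ANYWHERE = "0.0.0.0/0"


def tcp_range(rule):
    """Return the (min, max) TCP destination ports a rule admits, or None."""
    if rule.get("protocol") not in ("6", "all"):  # "6" is TCP
        return None
    rng = (rule.get("tcp-options") or {}).get("destination-port-range")
    return (rng["min"], rng["max"]) if rng else (1, 65535)  # no range = all ports


def audit(security_list, https_port=443, expected_public=(80, 443)):
    """List findings for the load balancer subnet's ingress rules."""
    findings, https_ok = [], False
    for i, rule in enumerate(security_list["data"]["ingress-security-rules"]):
        rng = tcp_range(rule)
        if rng is None:
            continue
        lo, hi = rng
        if lo <= https_port <= hi:
            if rule.get("is-stateless"):
                findings.append(f"rule {i}: TCP {https_port} is allowed but stateless")
            else:
                https_ok = True
        # Anything reachable from the whole internet beyond the listener ports
        if rule.get("source") == ANYWHERE and not (lo == hi and lo in expected_public):
            findings.append(f"rule {i}: {ANYWHERE} can reach TCP {lo}-{hi}")
    if not https_ok:
        findings.insert(0, f"no stateful ingress rule admits TCP {https_port}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An empty result means the HTTPS port is admitted by a stateful rule and no other TCP port is open to 0.0.0.0/0.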
