AWS Amplify use ssl certificate in spring boot backend for https

Question:

I made a frontend in AWS Amplify and created a custom domain over Amplify with Route 53.
Then I created a subdomain, for example api.domain.com, for my Spring Boot backend REST API.
The subdomain only uses http. For using it with https I need to specify:

server.ssl.key-store, server.ssl.key-store-password and server.ssl.keyAlias

In the documentation I found the following hint but I can’t get access to the certificate on Amazon Certificate Manager (ACM):
AWS Amplify Console generates a free HTTPS certificate on all pages and automatically activates it on all Route53 managed domains. The SSL certificate is generated by Amazon Certificate Manager and supports wildcard domains. ACM handles the complexity of creating and managing public SSL/TLS certificates for your AWS-based Web sites and applications. With the wildcard option, the main domain and all subdomains are covered by a single certificate.

So the question is, how to get access to the information I need to specify in spring boot?

Answer:

Based on the comments.

The ACM certs can only be used on a load balancer, API gateway and CloudFront distribution. They can’t be used on an EC2 instance.

There are two options to rectify the issue:

  • Add a load balancer in front of your EC2 instance, a CloudFront distribution, or proxy your API through API Gateway. On these AWS services you can just install your ACM cert.
  • Set up an SSL certificate on the instance itself. To do this you have to get a third-party certificate. A popular choice is https://letsencrypt.org/ which provides free public certificates.
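
For the second option, one way to turn the PEM files issued by a CA such as Let's Encrypt into the keystore that the server.ssl.* properties from the question point at. This is an added example, not part of the original answer; the function names, the alias "api", the /opt/api path and the KEYSTORE_PASSWORD variable are assumptions.

```shell
#!/bin/sh
# Added example: PEM certificate + key -> PKCS#12 keystore for Spring Boot.
# All names and paths here are illustrative assumptions.

# build_keystore FULLCHAIN_PEM PRIVKEY_PEM OUT_P12 ALIAS
# The password is read from the exported variable KEYSTORE_PASSWORD, so it
# never appears on a command line, in the process list or in shell history.
build_keystore() {
    fullchain=$1; privkey=$2; out=$3; name=$4
    if [ -z "${KEYSTORE_PASSWORD:-}" ]; then
        echo "KEYSTORE_PASSWORD is not set" >&2
        return 2
    fi
    for f in "$fullchain" "$privkey"; do
        [ -r "$f" ] || { echo "cannot read $f" >&2; return 3; }
    done
    # The keystore holds the private key: create it readable by owner only.
    ( umask 077
      openssl pkcs12 -export \
          -in "$fullchain" -inkey "$privkey" \
          -name "$name" -out "$out" \
          -passout env:KEYSTORE_PASSWORD )
}

# render_spring_ssl_properties KEYSTORE_PATH ALIAS
# Prints the application.properties lines. The password stays a ${...}
# placeholder that Spring Boot resolves from the environment at startup,
# so the secret is not written into the properties file.
render_spring_ssl_properties() {
    cat <<EOF
server.ssl.key-store-type=PKCS12
server.ssl.key-store=file:$1
server.ssl.key-store-password=\${KEYSTORE_PASSWORD}
server.ssl.key-alias=$2
EOF
}

# Usage with certbot's default layout (domain taken from the question):
#   export KEYSTORE_PASSWORD   # set beforehand from a secret store or prompt
#   build_keystore /etc/letsencrypt/live/api.domain.com/fullchain.pem \
#                  /etc/letsencrypt/live/api.domain.com/privkey.pem \
#                  /opt/api/keystore.p12 api
#   render_spring_ssl_properties /opt/api/keystore.p12 api
```

Let's Encrypt certificates are short-lived, so the keystore has to be rebuilt from the new PEM files after each renewal.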
