tekumatlamallesh

After creating the EC2 instance, follow the steps below, then the SSL certificate creation steps.

  • Select the instance. In the list of tabs below it, choose the Security tab, then click on the security group.
  • On the right side it shows “Edit inbound rules”; click on it and add the rules below.
  • SSH (Type) - TCP (Protocol) - 22 (Port range) - Source (IPv4)
  • HTTP (Type) - TCP (Protocol) - 80 (Port range) - Source (IPv4)
  • All traffic (All) - TCP (Protocol) - All (Port range) - Source (IPv4)
  • All traffic (All) - TCP (Protocol) - All (Port range) - Source (IPv6)
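
If the sources in the list above are Anywhere (`0.0.0.0/0` and `::/0`, an assumption, since the list only says IPv4 and IPv6), the two “All traffic” rules leave every listening port on the instance reachable from the internet, not just 22 and 80. The check below is an added example, not part of the original post; it flags such rules in a `protocol from_port to_port source_cidr` format constructed for this example.

```bash
#!/usr/bin/env bash
# Added example: flag inbound rules that expose more than the web ports.
# Input format is constructed for this example, one rule per line:
#   protocol from_port to_port source_cidr
# "all -1 -1" stands for the console "All traffic" rule.

# The four rules from the list above, assuming source = Anywhere.
PAGE_RULES='tcp 22 22 0.0.0.0/0
tcp 80 80 0.0.0.0/0
all -1 -1 0.0.0.0/0
all -1 -1 ::/0'

# A tighter variant: SSH limited to one admin address (203.0.113.10 is a
# documentation-range placeholder), web ports public.
TIGHT_RULES='tcp 22 22 203.0.113.10/32
tcp 80 80 0.0.0.0/0
tcp 443 443 0.0.0.0/0'

# Print every rule that is reachable from any address and is not
# exactly port 80 or 443. Empty output means nothing was flagged.
flag_open_rules() {
    printf '%s\n' "$1" | awk '
        NF < 4 { next }                                   # skip blank or short lines
        $4 != "0.0.0.0/0" && $4 != "::/0" { next }        # source is restricted
        $1 == "all" || $2 == "-1" {                       # every port, every protocol
            print "ALL-TRAFFIC " $0; next
        }
        $2 == $3 && ($2 == "80" || $2 == "443") { next }  # public web port
        { print "OPEN-TO-WORLD " $0 }                     # e.g. SSH 22 or MySQL 3306
    '
}

flag_open_rules "$PAGE_RULES"
```

Three of the four listed rules are flagged; the tighter variant produces no output.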

Connect from Git Bash using the ssh command

  • Select the instance in the list at the top and click on “Connect”.
  • In the list of tabs that appears, choose “SSH Client”.
  • It then shows the command for connecting from Git Bash.

Example:

  • ssh -i "thecorpwork.pem" ubuntu@ec2-65-0-26-45.ap-south-1.compute.amazonaws.com
  • Copy the above command and paste it into Git Bash to connect.
  • Before pasting the command, you need to be in the folder that contains your “.pem” file.
  • Only then will the above ssh command work; otherwise it will not connect.

Apache installation and folder structure creation

  • In the Git Bash command line, follow the steps below.
  • sudo su
  • The above command gives root user permission.
  • sudo chmod -R 777 /var
  • This sets folder permissions so that anything can be created in the var folder.
  • We need to create the folder structure www->html.
  • cd /var/www/html
  • sudo apt update
  • sudo apt install apache2
  • sudo ufw app list
  • sudo ufw allow 'Apache'
  • sudo ufw status
  • sudo systemctl status apache2
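
The `chmod -R 777 /var` step above makes everything under /var writable by any local account, while uploads only need the login user to write to /var/www/html. A narrower alternative, as an added example that is not part of the original post; it assumes the `ubuntu` login user from the ssh command above and Apache's default `www-data` account on Ubuntu, which only needs read access:

```bash
#!/usr/bin/env bash
# Added example: give the upload user write access to the web root only,
# instead of making all of /var world-writable.

# List everything under $1 that any local user can write to.
# Symlinks are skipped because their own mode bits are not enforced.
world_writable() {
    find "$1" ! -type l -perm -0002 -print 2>/dev/null
}

# Hand the web root to one owner and reset modes: directories 755,
# files 644. Apache (www-data) can still read and traverse everything.
harden_webroot() {
    root=$1
    owner=$2
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 1; }
    # Changing the owner requires root; as another user only modes are reset.
    if [ "$(id -u)" -eq 0 ]; then
        chown -R "$owner" "$root" || return 1
    fi
    find "$root" -type d -exec chmod 755 {} + || return 1
    find "$root" -type f -exec chmod 644 {} + || return 1
}

# Usage (assumed script name and paths):
#   sudo ./harden_webroot.sh /var/www/html ubuntu
# Prints whatever is still world-writable afterwards; no output means clean.
if [ "$#" -eq 2 ]; then
    harden_webroot "$1" "$2" && world_writable "$1"
fi
```

Running `world_writable /var` on an instance where the 777 step was already applied lists what that step opened up.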

How to move files from local to the EC2 instance

To move files to the EC2 instance's html folder, we need to connect with WinSCP.

  • From the above, click on the “Edit” button, then click on the “Advanced” button.
  • After clicking the Advanced button, a new pop-up window will open.

SSH:

  • KEY EXCHANGE
  • AUTHENTICATION
  • BUGS
  • We need to click on “Authentication”.
  • No need to worry about the .ppk file. Here your password is just the .pem file that we downloaded while creating our EC2 instance; WinSCP will automatically convert it to a .ppk file to log in.
  • After successfully connecting with WinSCP, you just need to drag your local files to the /var/www/html folder path.
  • You need to delete the “index.html” file, which is created in the /var/www/html folder when Apache is installed. We need to delete that file or else rename it.

  • Now we need to check whether our local files are working on the EC2 instance.
  • To find out, click on the EC2 instance.
  • In the list of tabs below, click on “Details”.
  • Public IPv4 address: 65.0.26.45
  • Copy that and paste it into the browser. The site will not open, because by default it will use https:, which we have not configured yet.
  • So we need to manually enter the IP as http://65.0.26.45
  • Then the site will show your project output.

Database creation using RDS

  • Now we need a database for our project.
  • Go to the “EC2” instance dashboard and search for “RDS” in the search bar.
  • After clicking “RDS”, there will be a button on the right side named “Create database”.
  • Click on it.
  • Standard create (choose this one)
  • Easy create
  • Engine options (choose the one below):
    • MySQL
  • Settings:
    • DB cluster identifier
      • database-1
  • Credentials Settings:
    • Master username
    • Master password

Give a user name and password of your choice, or else use the default password.

  • Public access:
    • Yes (we need to choose this one)
    • No

Now create your database; there is no need to change anything except the settings above.

SSL certificate Generation in AWS

STEP 1: Go to the AWS dashboard and search for “Certificate Manager” in the search bar.

We are going to see 3 options.

  • Request a certificate
  • Import a certificate
  • Create a Private CA

Choose the “Request a certificate” option from above.

a) Certificate type

  • Request a public certificate
  • Request a private certificate

Choose the “Request a public certificate” option from above.

b) Domain names

  • Fully qualified domain name

c) Select validation method

  • DNS validation – recommended
  • Email validation

Choose email validation if you have the domain's registered email address for verification.

If you don’t have the email details, proceed with DNS validation.

d) Tags

  • Tag key
    • thecorpwork

After making your choices, click on the “Request” button.

Note: If we choose the “Import a certificate” option, then we need to follow the links below.

  • https://help.zerossl.com/hc/en-us/articles/360060120373-Installing-SSL-Certificate-on-Ubuntu
  • https://blog.tcmhack.in/how-to-install-ssl-certificates-on-amazon-ec2-ubuntu-server/

STEP 2:  Route 53

  • After clicking “Request” you will get 3 CNAME records; you need to add them in your hosted zone.
  • To add them to your hosted zone, click “Create records in Route 53”.
  • Then all your CNAME records will be added to the zone automatically.
  • It will take 5 minutes to validate the records.
  • Once all records are validated, you can see the status as success.

STEP 3: Load Balancer

Click on the “Create load balancer” button.

Load balancer types

  • Application Load Balancer
  • Network Load Balancer
  • Gateway Load Balancer

Choose “Application Load Balancer”.

  • Scheme
    • Internet-facing
  • IP address type
    • IPv4
  • Network mapping
    • ap-south-1
    • ap-south-1b
  • Security groups
    • Default and launch-wizard-1 (two groups selected)
  • Listeners and routing

EC2->Target groups

Add the two groups below.

  • Listener HTTP:80
  • Listener HTTPS:443
  • Secure listener settings
    • Security policy (the one below is selected)
      • ELBSecurityPolicy-2012-08
    • Default SSL/TLS certificate
  • Choose a target type
    • Instances
  • Target group name
    • protocol->HTTPS->443
  • Health checks
    • HTTPS (selected)
  • We need to add the subdomain rules after clicking on “Edit rules”.
