I’ve tried to simplify this section, because it can get complicated.
I also provide a table of where to upload the certificates as I really needed one and I couldn’t find any - so I created my own.
Certificate Choices
Your choices are
Get Let’s Encrypt Free Certificates 3 month Certificates
I may blog this step later, otherwise, I recommend you find a guide as its not so easy to describe here - here is an excellent guide for generating them through certbot. Be aware you need a Domain Registrar setup before starting
- If you have an Nginx Proxy Manager setup, these certificates auto-renew, so you can technically leech them from there - either way, you have to renew them and auto upload to your Load Balancer 3 monthly
Get Cloudflare 15 year Certificates by using the steps below
Locate or generate your Cloudflare Origin Certificates by clicking SSL/TLS > Origin Server > Create Certificate in your Cloudflare Dashboard
Other paid certificate - there any many suppliers
Load Balancer Certificate Assignment
| Certificate | CA Bundle | Private Key | ||
| Cloudflare | cert.pem | Cloudflare Origin RSA PEM | priv.pem | |
| Let’s Encrypt (as generated using certbot) | cert.pem | ISGR Root X1 (or alternatively use fullchain.pem) | privkey.pem | |
| Other Paid | Refer to supplier | Refer to supplier | Refer to supplier |
Important: If you are configuring ORDS as a backend to your Load Balancer, the optional CA Bundle is not optional and is a requirement regardless of certificate choice.
Important: If you have your Cloudflare SSL/TLS > Custom SSL/TLS > Full then Cloudflare Certs will only be accepted.
ENJOY
What’s the picture its Wetherby Bridge, a scheduled monument and Grade II-listed bridge over the River Wharfe in Wetherby, West Yorkshire, dating from the 13th century. Visit Yorkshire!