These are the steps that I've taken and either I've missed a step or I'm just going in the wrong direction.
First:
dokku certs:generate app_name domain name
This helped me create a self-signed SSL certificate, so now I'm in possession of a server.crt and a server.key file.
Second: I imported this SSL combination into AWS using the AWS Certificate Manager.
Third: I set up a load balancer (not sure if I need one, but it looks like Amazon insists on it). I have two listeners on it, one for port 80 for HTTP and one for port 443 for HTTPS.
Fourth: I set up 2 target groups, one for HTTP and one for HTTPS. Right now its health check is saying that none of the two are healthy. If I disable the certificate on dokku (with dokku certs:remove), I noticed that the HTTP one becomes healthy again.
Fifth: I went back to my EC2's security group and updated it to accept inbound and outbound HTTPS along with its other protocols.
Any ideas of what I'm doing wrong/may have missed?
More info: I am running a Ruby on Rails application with Postgres, Unicorn and dokku.
I ended up figuring it out and finding a solution that works for this specific use case (Dokku on EC2, not general EC2 practices).
First, most of the steps I listed as having done above are not necessary if you use the
dokku/dokku-letsencrypt
plugin. Follow the usage instructions in the repo to configure it, then go to your security group settings and allow inbound HTTPS over port 443.
No need to deal with the load balancer, target groups or certificate imports.
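
To check the outcome from a client's point of view, this added example (not part of the original post or of the plugin's code) performs a verified TLS handshake against the app and reports whether the certificate is trusted, who issued it and how many days remain. The host name `app.example.com` is a placeholder, and the function names are made up for this example.

```python
import socket
import ssl
from datetime import datetime, timezone


def _flatten(name):
    """Turn getpeercert()'s nested RDN tuples into a plain dict."""
    return {key: value for rdn in name for key, value in rdn}


def summarize_cert(cert, now=None):
    """Summarize a dict in the format returned by SSLSocket.getpeercert()."""
    now = now or datetime.now(timezone.utc)
    subject, issuer = _flatten(cert["subject"]), _flatten(cert["issuer"])
    expires = datetime.fromtimestamp(
        ssl.cert_time_to_seconds(cert["notAfter"]), tz=timezone.utc
    )
    return {
        "subject_cn": subject.get("commonName"),
        "issuer": issuer.get("organizationName") or issuer.get("commonName"),
        # A self-signed certificate names itself as its own issuer.
        "self_signed": subject == issuer,
        "days_left": (expires - now).days,
    }


def check_https(host, port=443, timeout=5):
    """Handshake the way a browser would: verify the chain and the hostname."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return {"trusted": True, **summarize_cert(tls.getpeercert())}
    except ssl.SSLCertVerificationError as exc:
        # A self-signed certificate (e.g. from `dokku certs:generate`) ends up here.
        return {"trusted": False, "reason": exc.verify_message}
    except OSError as exc:
        # Refused or timed out, e.g. port 443 not allowed in the security group.
        return {"trusted": False, "reason": f"connection failed: {exc}"}


if __name__ == "__main__":
    import sys
    # Placeholder host; pass the app's real domain as the first argument.
    print(check_https(sys.argv[1] if len(sys.argv) > 1 else "app.example.com"))
```

A low `days_left` value on a trusted certificate means renewal has not run; the plugin's usage instructions cover renewal.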