How to debug NET::ERR_CERT_INVALID after migrating to new EC2 server (cert is on AWS-ACM)


I had a LAMP webserver set up on AWS EC2. Using AWS Certificate Manager and CloudFront, it was providing my domain (example.com and *.example.com) via https.

My EC2 instance ran into some problems during a software update!

I've spun up a new EC2 instance, recovered and set everything up, and it is now correctly providing my domain via http and using exactly the same IP address as before.

When I attempt to navigate to the domain via https, I get NET::ERR_CERT_INVALID.

I'm grateful for any advice to sort this out.

  1. Am I correct in thinking that, because I'm using ACM and CloudFront, there is no need to configure anything (e.g., localhost certificate, Apache virtual host on port 443, etc.) on the server, and that I simply need to ensure that CloudFront, my DNS records, and the EC2 instance are all configured with the same IP address?
  2. What is a logical way to work through this to identify where the problem lies? I've come across a number of suggestions (e.g., install SSL on the server, configure virtual host on port 443, etc.), but none seem to exactly match with my situation. It would be useful to know whether I am focussing in the right place. (BTW, I have a subdomain hosted elsewhere that is still responding to https as expected, so I'm guessing that I've overlooked something obvious on the EC2 instance).

Happy to provide more information as needed. Thanks for any ideas or suggestions.


There are 0 answers