Create an SSL/TLS certificate for your Amazon Lightsail load balancer - Amazon Lightsail

Create an SSL/TLS certificate for your Amazon Lightsail load balancer

After you create a Lightsail load balancer, you can attach a Transport Layer Security (TLS) certificate to enable HTTPS. The SSL/TLS certificate lets your load balancer handle encrypted web traffic so that you can provide a more secure experience for your users. To learn more, see SSL/TLS certificates.

Prerequisites

Before you get started, you will need the following.

Create the certificate request

  1. Sign in to the Lightsail console.

  2. On the Lightsail home page, choose Networking.

  3. Choose the name of the load balancer for which you want to configure an SSL/TLS certificate.

  4. Choose the Custom domains tab.

  5. Choose Create certificate.

  6. Enter a name for your certificate or accept the default.

    Resource names:

    • Must be unique within each AWS Region in your Lightsail account.

    • Must contain 2 to 255 characters.

    • Must start and end with an alphanumeric character or number.

    • Can include alphanumeric characters, numbers, periods, dashes, and underscores.

  7. Enter your primary domain (www.example.com), and up to 9 alternate domains or subdomains.

    For more information, see Add alternate domains and subdomains to your SSL/TLS certificate

  8. Choose Create certificate.

    Lightsail begins the validation process. You have 72 hours to verify that you own your domain.

    After you create your certificate, you see the certificate along with the domain name and all your alternate domains and subdomains. You need to create a DNS record for each domain and subdomain.

Next step