Enable Custom Domain to AWS API Gateway with Free SSL
Three major steps involved in achieving this setup
- Create ACM in AWS or import third party SSL in to AWS
- Create Custom Domain in API Gateway
- Finally add API mapping
Let’s Get started..
Create ACM in AWS or import third party SSL in to AWS
In this step we will be generating free (Let’s Encrypt) certificate and importing in to AWS
install the certbot command line tool for generating the SSL using below command
apt install certbot
Generate the SSL certificates using below command make sure you replace your email and domain name with required values
certbot certonly \
— manual \
— preferred-challenges=dns \
— email youremail@gmail.com \
— agree-tos \
— config-dir ./config \
— logs-dir ./logs \
— work-dir ./workdir \
-d test.domain.com
as soon as we execute above command we will get the below output
Create Txt record in route 53 with above values, once we create the record in route 53.. record will be verified and certificates will be generated note down the path from the above output
Now login to the AWS console and go to the ACM service
Click on the Import certificate as shown in above screen shot
Copy paste the certificate files as required in above screenshot and click on next next and import..
Once certificate imported status will be shown like issued..
Create Custom Domain in API Gateway
Go to the API gateway console click on create custom domain
Enter the Domain in the Domain field Choose the regional and imported ACM certificate
Once custom domain created in API gateway it will create one endpoint
This Endpoint has to be mapped in the Route53 record alias/cname record
at the last we have to add API mapping as shown in below image
Note: Stage name should be excluded in the custom domain while doing API call
Congratulations We have Created custom domain with Free SSL!!!