Loadbalancer does not work on HTTPS by default when certificates already exist

[s7dhansh]

I have existing certificates in my ACM. The load balancer did not listen on HTTPS port by default. I had to add it manually on both the load balancer and its security group.

I am not sure if there is a config for doing this. I could not find one.

[s7dhansh]

Also, when forceSsl is true, isn't it better to change the load balancer listener at 80, to redirect to https, instead of the current handling at instance's nginx level?

[mikeschaekermann]

I have the same question. I have an existing SSL certificate that I would like to use. My first attempt at this was to manually add a HTTPS 443 listener to the application load balancer and to specify my existing SSL certificate for this listener. I did this once after the first deployment and it seemed to work fine at first glance.

Every subsequent deployment, however, removes the SSL certificate from the HTTPS 443 listener on my load balancer which causes my application to fail.

Does anyone know a fix for this behavior?

[zodern]

Manually setting the certificate for the load balancer works starting in [email protected]. I would accept a PR that allows configuring this in the mup config.