I just moved a site from one domain to another. It's still on the same servers behind an AWS Elastic Load Balancer. I also changed the certificate on the load balancer to one for the new domain.
The problem is that all existing links out there are to https://www.old-domain.com -- so when they hit the load balancer, the SSL handshake fails, so it doesn't redirect (b/c the certificate is now for http://newdomain.com)
I'm trying to figure out my options for how to redirect the https links from the old domain. It looks like the best options are either:
Get a Subject Alternate Names (SANs) certificate, put all the domains on there, and redirect the old domains in the NGINX conf. But, this is expensive!
Renew the certificate for the https://old-domain.com and have that on a separate IP and redirect there. But that means another EC2 instance, right? Meh.
This post seems to talk about another solution, but I haven't made enough sense of it yet: Scaling Multiple SSL Domains on Multiple EC2 instances in AWS ELB
Suggestions on the best way to do this?
I appreciate it!
This may help you. AWS Certificate Manager. https://aws.amazon.com/blogs/aws/new-aws-certificate-manager-deploy-ssltls-based-apps-on-aws/
You can create an SSL with multiple host names (SANs), or with a wildcard.
You may also enjoy the pricing... (FREE)
You could take the old domain out of the ELB and point it directly to nginx, with a new server block. That can use the old https certificate, and send back a 301 redirect that will go through the ELB. This is fairly trivial to achieve as well, a new server block with one location in nginx, so long as your server has a public IP and is directly accessible.
You can also maintain a second ELB that points to the same set of backend servers. I do this for a number of domains.
You can even set up health checks on the different ELBs that check whether the old or new domain is down, vs the instances themselves.
The downside to the second ELB is that it will cost you $20 to $30 a month to run.
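A sketch of the nginx server block approach suggested above (old domain pointed straight at the instance, old certificate, 301 to the new domain). This is an added example, not configuration from any of the posters; the certificate paths are hypothetical, and the hostnames are the placeholders used in the question.

```nginx
# Added example. Handles only the old hostnames, terminating TLS on the
# instance itself with the certificate that is still valid for the old domain.
server {
    listen 443 ssl;
    server_name old-domain.com www.old-domain.com;

    # Hypothetical paths: full chain and private key for the OLD domain.
    ssl_certificate     /etc/nginx/ssl/old-domain.com.fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/old-domain.com.key;

    ssl_protocols TLSv1.2 TLSv1.3;

    location / {
        # Keep the path and query string so existing deep links still land
        # on the matching page; the new URL is served through the ELB.
        return 301 https://www.newdomain.com$request_uri;
    }
}

# Plain-HTTP links to the old domain get the same permanent redirect.
server {
    listen 80;
    server_name old-domain.com www.old-domain.com;
    return 301 https://www.newdomain.com$request_uri;
}
```

The old domain's DNS record has to point at the instance's public IP with port 443 reachable, and the old certificate has to stay valid for as long as the redirect is served, since a browser completes the TLS handshake before it ever sees the 301.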