How to set up HTTPS with AWS ACM and a private IP?

[isaccavalcante]

I can't have a public IP in my caprover EC2 instance to setup SSL with LetsEncrypt. So I tried to add an ALB with ACM certificate, and updated the route53 domain to that ALB address. But that didn't seem to work.

What I noticed was that caprover kept restarting because of the DNS verification. I was able to pass that by disabling it:

echo  "{\"skipVerifyingDomains\":\"true\"}" >  /captain/data/config-override.json
docker service update captain-captain --force

But the connection was still not HTTPS after that.

I had my target groups set to 80 -> 3000 and 443 -> 3000. What am I doing wrong?

Thanks in advance.

[githubsaturn]

Hi @isaccavalcante - CapRover is designed to work on public IP addresses. It's a requirement of CapRover to work properly.

Your question is very AWS specific. If you're not using CapRover's built in mechanism to enable HTTPS, you're on your own.

The way you're mapping ports shows that you're completely bypassing CapRover's internal nginx container that routes the requests. Hence making CapRover fully useless.