AWS docker compose Installation SSL Route53 Domain

Hey Passbolt Community,

I hope this message finds you in good health. I am planning to run Passbolt as a Docker container in AWS. We currently host our domain in AWS Route 53 and generate certificates using AWS public ACM.

We need assistance in automatically generating and renewing SSL certificates in AWS for the Passbolt container. We are not certain about the best approach for generating SSL certs for our Docker container.

We do not intend to host Passbolt on a bare metal EC2 instance, but instead on a Docker container.

Please feel free to suggest any ideas on how to tackle this issue.

My initial suggestion was to host it on AWS ECS EC2 initially. The Passbolt container would run without HTTPS, but it would be put behind an Application Load Balancer with SSL configured. The EC2 would be hosted in a private subnet.

Hey @Steven1995, welcome to the forum!

Your idea with the ALB having the cert is how I have seen this done before on AWS. I believe for this to work correctly you’ll need the APP_FULL_BASE_URL set to https even though the cert is being handled elsewhere.