I've held off on writing this question because I'm not sure if it belongs on ServerFault or StackOverflow.
I have a React web application hosted in an AWS S3 bucket and using CloudFront. I have a REST API written as a Java Spring Boot application running on an AWS EC2 instance. I am trying to enable SSL on both of these to secure my traffic.
So far I have used an AWS generated SSL certificate to secure the web application. I tried to use the same AWS generated SSL certificate to secure the Java Spring Boot application and I have come to understand that this will not be possible with this certificate. All attempts to get the Java Spring Boot application to support SSL with this certificate have failed when the application starts.
I have been experimenting locally with self-signed certificates which, after accepting the browser warning, works for the web application but not for the Java Spring Boot application. The Java Spring Boot application starts up fine and I can use Postman to access the API (after configuring Postman to skip certificate validation). I believe the JavaScript library I am using (Axios) to call the Java Spring Boot application can't cope with a self-signed certificate and I have not been able to configure it to accept/ignore a self-signed certificate. Ultimately I won't be using self-signed certificates so this is a dead end anyway.
My deployment of a web application hosted in S3 with an HTTP API on an EC2 instance doesn't seem unusual. Is it? Should I be doing it differently?
Before I go further down the rabbit hole with purchasing certificates and using more AWS services I'm hoping somebody here can give me a little guidance.