Reputation: 7788
I'm using Elastic Beanstalk with AWS. I have a Java/Tomcat application I'm trying to deploy to https. I've now spent nearly 2 days trying to get https up and running with very minimal success. What I've done and what I'm seeing happen:
1. I bought and created a ssl certificate that I installed with my load balancer.
2. I pointed 443 in load balancer security to 80 as the instructions stated and I've also tried pointing it to 443,8443,4443
3. In my security group for my beanstalk instance, I enabled 443 to all external ips
4. In beanstalk I turned on port 443
Now where I get really confused.
1. As long as I don't try and secure my entire application, I'm able to get ssl working in my app's admin accounts without issue. The app will automatically redirect the protocol from http to https.
2. Oddly enough I'm outputting the active port and no matter if I'm in http or https, the app is seeing the active port as 8080. How could this be if the load balancer is supposed to be using 443? Also, how would the ssl certificate work on port 8080, or is the ssl certificate working somehow on the load balancer side and the load balancer is doing some sort of port forwarding to the ec2 instance?
3. If I attempt to secure the entire application by doing a forced redirect to https from http, the app fails to load. I've tried redirecting to 443, 8443, 4443 without success. I need to do this redirect in order to tell Google my pages have moved from 80 to 443.
Anybody understand what may be happening or how this works?
Upvotes: 1
Views: 726
Reputation: 1345
In your application environment click >> Configuration then scroll down to the Network Tier and edit the Load Balancing Properties.
Select 443 for secure listener port, HTTPS for protocol and finally the certificate you added previously in your load balancer.
To answer your questions, your SSL certificate is installed on the load balancer which port forwards all traffic from 443 to 8080 on the server(s). Forcing 443 on your application will break your app because the Elastic Beanstalk load balancer will forward to port 8080 and not on 443 where I suspect your application is listening.
Upvotes: 1
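The setup described in the answer above (TLS ends at the load balancer, which forwards plain HTTP to the instance), as an added example that is not part of the original answer: a servlet filter that forces HTTPS without breaking the app. It assumes the load balancer sets the `X-Forwarded-Proto` header on forwarded requests and that the instance is reachable only through the load balancer; the class name and the `canonicalHost` init parameter are hypothetical.

```java
import java.io.IOException;
import javax.servlet.*;       // jakarta.servlet.* on Tomcat 10 and later
import javax.servlet.http.*;

/** Added example: HTTPS redirect for an app whose TLS is terminated upstream. */
public class ForceHttpsFilter implements Filter {
    private String canonicalHost; // e.g. "www.example.com" (constructed value)

    @Override
    public void init(FilterConfig cfg) throws ServletException {
        // Hypothetical init-param. Pinning the host keeps a forged Host header
        // from steering the redirect to another site.
        canonicalHost = cfg.getInitParameter("canonicalHost");
        if (canonicalHost == null || canonicalHost.isEmpty()) {
            throw new ServletException("canonicalHost init-param is required");
        }
    }

    @Override
    public void doFilter(ServletRequest rq, ServletResponse rs, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) rq;
        HttpServletResponse res = (HttpServletResponse) rs;

        // The app only ever sees the load balancer's plain-HTTP connection, so
        // req.isSecure() is false for every request, HTTPS clients included.
        // A redirect keyed on isSecure() or the local port therefore loops.
        // Decide on the scheme the client used, as reported by the balancer.
        String proto = req.getHeader("X-Forwarded-Proto");

        // Header absent: assumed to be traffic that did not pass through a
        // client-facing listener (local or health-check calls). Let it through.
        if (proto == null || "https".equalsIgnoreCase(proto)) {
            chain.doFilter(rq, rs);
            return;
        }

        // Client used http:// at the load balancer. Redirect permanently to the
        // same path on https with no port, so the balancer's 443 listener is used.
        StringBuilder target = new StringBuilder("https://")
                .append(canonicalHost).append(req.getRequestURI());
        if (req.getQueryString() != null) {
            target.append('?').append(req.getQueryString());
        }
        res.setStatus(HttpServletResponse.SC_MOVED_PERMANENTLY); // 301
        res.setHeader("Location", target.toString());
    }

    @Override
    public void destroy() { }
}
```

The header is only trustworthy when clients cannot reach the instance directly, so the instance security group should admit traffic from the load balancer alone.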