We're having a bizarre issue on one of our Elastic Beanstalk apps, where every https connection results in a timeout. Verified that the cert itself is fine via openssl s_client , so it looks like an issue with the load balancer - but everything reads fine there too, so I'm a little stumped. We're not using Route 53 (managing DNS over on namecheap) and our cert was purchased externally (not using AWS cert manager). My main questions are: I don't have access to our Namecheap account but I've been assured everything is in line over there - am I on the right track by focusing on the load balancer/aws config as the culprit, or does this sound like it could be some weird DNS misconfiguration? Are there good reasons to avoid using the AWS cert manager when not managing DNS via route 53? If using an AWS-supplied cert could resolve this, I'm happy to go that route instead. This question is very similar but deals with AWS-supplied certs.

amazon-web-servicessslhttpsdnsamazon-elastic-beanstalk

Reputation:

https timeouts on AWS elastic beanstalk app

We're having a bizarre issue on one of our Elastic Beanstalk apps, where every https connection results in a timeout. Verified that the cert itself is fine via openssl s_client, so it looks like an issue with the load balancer - but everything reads fine there too, so I'm a little stumped.

We're not using Route 53 (managing DNS over on namecheap) and our cert was purchased externally (not using AWS cert manager).

My main questions are:

I don't have access to our Namecheap account but I've been assured everything is in line over there - am I on the right track by focusing on the load balancer/aws config as the culprit, or does this sound like it could be some weird DNS misconfiguration?
Are there good reasons to avoid using the AWS cert manager when not managing DNS via route 53? If using an AWS-supplied cert could resolve this, I'm happy to go that route instead. This question is very similar but deals with AWS-supplied certs.

Upvotes: 5

Answers (2)

EdW

Reputation: 2303

There are two places to enable https on elastic beanstalk:

Place 1: From elastic beanstalk environment

select Services
select Elastic Beanstalk
select the environment within the application
select Configuration
in Load balancer section: select modify

select "Add listener" with the following info:

listener port: 443
listener protocol: HTTPS
Instance port: 80
Instance protocol: HTTP
SSL certificate: Add an ACM certificate created from AWS or another

Place 2: The load balancer

select Services
select EC2
scroll down left panel: select Load balancers
select Action
select Edit Listeners

select "Add listener" with the following info:

listener port: 443
listener protocol: HTTPS
Instance port: 80
Instance protocol: HTTP
SSL certificate: Add an ACM certificate created from AWS or another

select Save

Upvotes: 0

Bartosz Petryński

Reputation: 1270

Maybe you are pointing Load Balancer to port 443 + HTTPS instead of 80 + HTTP? Try setting up Classic Load Balancer as shown on the pictures.

Example 1

Example 2

Upvotes: 19

https timeouts on AWS elastic beanstalk app

Answers (2)

Related Questions