Cerin

Reputation: 64820

How to redirect HTTPS to HTTP on ELB Application Load Balancer

On Amazon's "Classic Load Balancer" you could create a rule to forward HTTPS connections to HTTP, simplifying SSL and server configuration by uploading the certificate to the load balancer and letting the server only handle HTTP.

I'm now trying to replicate the same setup with Amazon's newer-generation "Application Load Balancer", but the new rule system doesn't seem to allow this.

I can create a rule to listen on HTTPS/443 and redirect, but it only allows me to redirect to HTTPS or #{protocol}://#{host}:80/#{path}?#{query}, which still means my server has to support HTTPS, which I want to avoid, since it means every server still has to contain the SSL certificate and have a site configuration for port 443.

Is this not supported in the new ELB generation, or is there some other way to configure it?

Upvotes: 15

Views: 17957

Answers (2)

gkhnavarro

Reputation: 466

According to https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html:

You can use an HTTPS listener to offload the work of encryption and decryption to your load balancer so that your applications can focus on their business logic. If the listener protocol is HTTPS, you must deploy at least one SSL server certificate on the listener. For more information, see Create an HTTPS listener for your Application Load Balancer.

What you need to do is set up an HTTPS listener, an AWS IAM server certificate to attach to the listener, and an HTTP target group. You can then attach instances/servers that listen on HTTP to that target group. As Michael said, this is not a "redirect" but a "forward" rule to your target group.

Upvotes: 4

Michael - sqlbot

Reputation: 179364

You seem to be confusing two unrelated things.

Redirects are for telling the browser to re-send its request to a different destination.

On ALB, all you need to do to get TLS offloading (which is what you are describing) is to create a target group pointing to port 80 on the instance(s), and then set the default rule on the HTTPS listener to send traffic to that target group.

Upvotes: 9
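
The setup both answers describe (HTTPS listener with a certificate, default action forwarding to an HTTP target group on port 80), written as a CloudFormation template. This is an added example, not code from either answer; the parameter and resource names are placeholders, and the ingress rule is an addition that limits the unencrypted ALB-to-instance hop to traffic coming from the load balancer.

```yaml
# Added example (constructed): TLS offloading on an Application Load Balancer.
# Parameter and resource names are placeholders chosen for this sketch.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  LoadBalancerArn: {Type: String}
  CertificateArn: {Type: String}   # ACM or IAM server certificate
  AlbSecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}
  InstanceSecurityGroupId: {Type: "AWS::EC2::SecurityGroup::Id"}
Resources:
  # Targets speak plain HTTP on port 80: no certificate or port 443 site
  # configuration is needed on the servers.
  HttpTargets:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      VpcId: !Ref VpcId
      Protocol: HTTP
      Port: 80
      TargetType: instance
      HealthCheckProtocol: HTTP
      HealthCheckPath: /
  # TLS terminates at the listener. The default action is "forward",
  # not "redirect", so the browser is never told to re-send its request.
  HttpsListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancerArn
      Protocol: HTTPS
      Port: 443
      SslPolicy: ELBSecurityPolicy-TLS13-1-2-2021-06
      Certificates:
        - CertificateArn: !Ref CertificateArn
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref HttpTargets
  # The ALB-to-instance hop is plain HTTP, so instances accept port 80
  # only from the load balancer's security group.
  InstanceHttpFromAlbOnly:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref InstanceSecurityGroupId
      IpProtocol: tcp
      FromPort: 80
      ToPort: 80
      SourceSecurityGroupId: !Ref AlbSecurityGroupId
```

Instances still have to be registered with the target group separately. Because the application now only sees HTTP, it can read the `X-Forwarded-Proto` header the ALB adds to tell whether the client connected over HTTPS.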
