Reputation: 399
I am attempting to implement SSL on Elastic Beanstalk so that I can access the webcam in my website.
I have a domain name from NameCheap that I configured to my Elastic Beanstalk instance through a Route 53 Hosted Zone using some of the last steps from https://medium.com/@ryan_waits/using-aws-elastic-beanstalk-and-namecheap-to-deploy-and-host-your-node-js-app-dc4129d0eb2c .
I have a certificate that successfully shows up in my load balancer. I am using Classic Load Balancer as I believe this is the only one allowed in the Free Tier of AWS. I configured my load balancer through the steps at https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-elb.html . I then configured my security group settings in EC2 like "Can't access HTTPS site on Elastic Beanstalk after configuring HTTPS in the load balancer". The HTTP works but trying HTTPS gives me something like NET::ERR_CERT_INVALID. I figure this is a very simple route setting that I am messing up. I would like in the end for every route to direct to HTTPS.
CONFIGURATIONS:
-Hosted zone through Route 53: name is www.huntermitchell.net, type is A-IPv4 address, Alias is on and set to my current environment
-Classic Load Balancer from Elastic Beanstalk Console Configurations:
-Security Group from EC2 Console:
The Outbound settings are the same as Inbound. I also have two security groups, I'm not sure if that's normal or not, but the one I am using for everything has the description of "Elastic Beanstalk created security group used when no ELB security groups are specified during ELB creation". The other one has the description of "SecurityGroup for ElasticBeanstalk environment." Thanks in advance!
Upvotes: 1
Views: 640
Reputation: 238051
"I am using Classic Load Balancer as I believe this is the only one allowed in the Free Tier of AWS"
You can use ALB and CLB on a free tier:
"750 Hours per month shared between Classic and Application load balancers"
The error you are experiencing, NET::ERR_CERT_INVALID, is not about security groups. Instead, most likely it is related to using the wrong certificate on your CLB - one that does not match your domain. A common cause for that is registering a wildcard domain for a certificate. Such a certificate only applies to subdomains, not parent domains:
"When you request a wildcard certificate, the asterisk (*) must be in the leftmost position of the domain name and can protect only one subdomain level."
More about how this works at AWS is here.
Thus I would look into the certificates and their setup to pinpoint the exact source of the problems.
Upvotes: 2
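The wildcard rule quoted in the answer above, written out as a check you can run against the names on a certificate. This is an added example, not part of the original answer; the function names and the example.com hostnames are constructed for illustration.

```python
# Added example: the wildcard rule quoted above (asterisk only in the
# leftmost position, covering exactly one subdomain level).
# All names below (example.com etc.) are constructed sample values.

def name_matches(cert_name: str, host: str) -> bool:
    """Return True if one certificate name (exact or wildcard) covers host."""
    pattern = cert_name.lower().rstrip(".").split(".")
    labels = host.lower().rstrip(".").split(".")
    if "" in labels or "" in pattern:
        return False                      # malformed name
    if any("*" in label for label in pattern[1:]):
        return False                      # asterisk must be leftmost
    if pattern[0] == "*":
        # "*" stands in for exactly one label, so the label counts must
        # be equal: *.example.com covers neither example.com nor
        # a.b.example.com.
        return len(pattern) == len(labels) and pattern[1:] == labels[1:]
    if "*" in pattern[0]:
        return False                      # partial wildcard, e.g. w*.example.com
    return pattern == labels


def uncovered_hosts(cert_names, hosts):
    """Hosts that none of the certificate's names cover."""
    return [h for h in hosts
            if not any(name_matches(n, h) for n in cert_names)]


if __name__ == "__main__":
    # Hostnames users will actually type or be redirected to (constructed).
    hosts = ["example.com", "www.example.com", "a.b.example.com"]
    # A wildcard-only certificate, then one that also lists the apex.
    for names in (["*.example.com"], ["example.com", "*.example.com"]):
        print(names, "does not cover:", uncovered_hosts(names, hosts))
```

Feed it the domain names listed on the certificate attached to the load balancer listener and every hostname that points at the environment; any host it returns needs to be added to the certificate as an additional name.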