Reputation: 738
Bitnami proxy to node doesn't work after ssl configuration
I create an instance on AWS Lightsail with bitnami's node image.
I installed my app and started it, configured everything according to the guides I found, like this one: host public node js website on amazon AWS LightSail without Bitnami
For some reason I didn't have bitnami-apps-prefix.conf so I created it and then included it in /opt/bitnami/apache2/conf/bitnami/bitnami.conf.
Restarted Apache, and it worked.
Afterward I installed ssl certificate with the provided bncert-tool. after the certificate as added my domain has ssl but I can no longer access my app, I get the default page, the same as I got right after the instance went up:
I checked and it seems that bitnami.conf still includes my addtion of bitnami-apps-prefix.conf
I tried to add proxy as the first thing in the virtual host but it doesn't help.
Here is my /opt/bitnami/apache2/conf/bitnami/bitnami.conf file:
# Default Virtual Host configuration.
# Let Apache know we're behind a SSL reverse proxy
SetEnvIf X-Forwarded-Proto https HTTPS=on
<VirtualHost _default_:80>
DocumentRoot "/opt/bitnami/apache/htdocs"
# BEGIN: Configuration for letsencrypt
Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
# END: Configuration for letsencrypt
# BEGIN: Support domain renewal when using mod_proxy without Location
<IfModule mod_proxy.c>
ProxyPass /.well-known !
</IfModule>
# END: Support domain renewal when using mod_proxy without Location
# BEGIN: Enable HTTP to HTTPS redirection
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} !^localhost
RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+(:[0-9]+)?$
RewriteCond %{REQUEST_URI} !^/\.well-known
RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
# END: Enable HTTP to HTTPS redirection
<Directory "/opt/bitnami/apache/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# Error Documents
ErrorDocument 503 /503.html
#Bitnami applications installed with a prefix URL (default)
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
# BEGIN: Support domain renewal when using mod_proxy within Location
<Location /.well-known>
<IfModule mod_proxy.c>
ProxyPass !
</IfModule>
</Location>
# END: Support domain renewal when using mod_proxy within Location
</VirtualHost>
Include "/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf"
What am I missing here? why requests are not redirected to my app?
Upvotes: 0
Views: 1162
Answers (2)
Reputation: 4714
Bitnami Engineer here,
It seems you didn't follow the Bitnami documentation. If you take a look at it, there are different steps to configure the VirtualHost in the instance.
You can either copy the file we generate in the instance
sudo cp /opt/bitnami/apache/conf/vhosts/sample-http-vhost.conf.disabled /opt/bitnami/apache/conf/vhosts/sample-http-vhost.conf
sudo cp /opt/bitnami/apache/conf/vhosts/sample-https-vhost.conf.disabled /opt/bitnami/apache/conf/vhosts/sample-https-vhost.conf
or generate those files with the following content
- /opt/bitnami/apache/conf/vhosts/myapp-http-vhost.conf
<VirtualHost _default_:80>
ServerAlias *
DocumentRoot "/opt/bitnami/projects/myapp/public"
<Directory "/opt/bitnami/projects/myapp/public">
Require all granted
</Directory>
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>
- /opt/bitnami/apache/conf/vhosts/myapp-https-vhost.conf
<VirtualHost _default_:443>
ServerAlias *
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache/conf/bitnami/certs/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache/conf/bitnami/certs/server.key"
DocumentRoot "/opt/bitnami/projects/myapp"
<Directory "/opt/bitnami/projects/myapp">
Require all granted
</Directory>
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/
</VirtualHost>
You will need to restart Apache later
sudo /opt/bitnami/ctlscript.sh restart apache
Upvotes: 0
Reputation: 738
I had to add Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
to /opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf.
not sure why it was missing in the first place, from the documentation I understand it's supposed to be there out of the box.
Upvotes: 0
Related Questions
- Bitnami: For security reasons, this URL is only accessible using localhost (127.0.0.1) as the hostname
- Unable to create certificate for my AWS Bitnami wordpress website
- Port 80 and 443 not accessible within my AWS instance but works anywhere else
- SSL for Django project on bitnami
- Official Lightsail SSL with Really Simple SSL Plugin Wrong for Debian Instances
- Let's encrypt SSL for nodejs in lightsail resource missing
- bitnami_wordpress update for https
- Correct place to include ProxyPass and ProxyPassReverse (Bitnami Node.js server on AWS Lightsail)
- apache not working httpd lightsail instance lamp bitnami
- host public node js website on amazon AWS LightSail without Bitnami