Can't access HTTPS site on Elastic Beanstalk after configuring HTTPS in the load balancer

Question

I have a standard Elastic Beanstalk app set up and running great over HTTP. There is one EC2 instance (for now), and the domain is configured with a CNAME pointing to the load balancer. Following the instructions in the AWS documentation, I inputted the SSL certificate and configured the load balancer as such:

• Load balancer protocol: HTTPS
• Load balancer port: 443
• Instance protocol: HTTP
• Instance port: 80
• Cipher: [default]
• SSL certificate: myCert

The changes look like they have been applied; in the load balancer description, I see:

Port configuration:  80 (HTTP) forwarding to 80 (HTTP)     Stickiness: Disabled  443 (HTTPS, Certificate: myCert) forwarding to 80 (HTTP)     Stickiness: Disabled 

However, I cannot access the site at the HTTPS load balancer URL or my domain's HTTPS URL. Request times out. The HTTP site continues to work well.

Is there any additional configuration I have to do to have the server respond on HTTPS? Am I correct in assuming that there is no configuration required at the app level, since SSL is terminated at the load balancer and the app will continue to speak HTTP?

Answer 1

What I suspect you are missing is allowing access to your instance from your load balancer's security group.

You can see the load balancer's security group here:

Then you can see add it to your instance's security group here: