Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can't get https working on Elastic Load Balancer (AWS)

Tags:

ssl

amazon-web-services

amazon-ec2

I have a load balancer in front on an ec2-Classic instance. I have checked that the load balancer is working properly by directly linking to the DNS Name value that is listed in the Description tab for my load balancer. This gives me the main page of the webpage that lies on the EC2 instance. Thus my load balancer is working. My load balancer and my EC2 instance are in the same avalibility zone.

My load balancer has set up an SSL certificate and I have two listeners setup to forward http (port 80) and https (port 443) to instance port 80 as http. My EC2 instance has a security group set to accept http and https with protocol TCP on ports 80 and 443 respectively. Although my understanding is that only the port 80 would be useful, right? The data for the certificate are in the pem format. I have addded to my instance security group a custom TCP on Port Range 0 - 65535 for amazon-elb/amazon-elb-sg. This did nothing.

I can access my site using http just fine. If I try to access using https then I get Error code: ERR_CONNECTION_REFUSED on Chrome and Unable to Connect on Firefox.

I have checked similar posts for this question and nothing seems to help.

Any help or ideas would be greatly appreciated. Thanks

like image 958
cafman Avatar asked Feb 13 '15 03:02

cafman

2 Answers

Have you made sure that the ELB is in a security group that allows https on port 443?

like image 60
bytesandwich Avatar answered Sep 22 '22 19:09

bytesandwich

I had a similar problem with both classic and advanced load balancer. The thing that was missing for me is that the https to http translation stuff only workers AFTER you make an A record in the DNS for the domain your SSL is on ALIASED to the load balancer you just created. Once I did that all was well through that new A record DNS. Your instance doesn't need to accept port 443 and your LB definitely should not be forwarding over 443.

Hopefully it is something straightforward like this for you as well.

Wait, what SSL certificate in PEM format? I used an Amazon SSL certificate I just got from the dropdown. Are you sure you used an SSL certificate?

like image 30
Samantha Atkins Avatar answered Sep 23 '22 19:09

Samantha Atkins
Sign in to Comment

Related questions

Django channels using secured WebSocket connection - WSS://
hosting multiple SSL certs on apache
iOS HTTPS requests 101
Certificate pinning not working with OkHttp on Android
Android/Java -- How to Create HTTPS Connection?
OpenSSL: explicitly set start/end date using `openssl req`?
how to debug an ssl connection?
iOS 8 has broken SSL connection in my app - CFNetwork SSLHandshake failed (-9806)
why is keycloak removing the SSL in the redirect uri?
openssl ssl_connect blocks forever - how to set timeout?
Verify Incoming SSL Using OpenSSL S_Server
.Net SslStream with Client Certificate
How to setup Letsencrypt for Google Cloud Compute Engine load balancer?
How to set up HTTPS for local testing purposes?
Java CertificateException "No subject alternative names matching IP address ... found"
helm: x509: certificate signed by unknown authority
Nginx SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share
SSL: How are certificates protected against man in the middle attacks?
How to correctly send binary data over HTTPS POST?
Create app with SSLSocket Java

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!