1

I have configured web server front ending with AWS ELB and CloudFront. I have deployed SSL certificate on load balancer (ELB) for HTTPS connection.

We have set up 2 listener protocols:

  1. Source -> 80 -> ELB -> 80 -> EC2 web server
  2. Source -> 443 -> ELB -> 80 -> EC2 web server

The following blog post describes the entire setup in detail: http://www.cloudometry.in/2015/04/dns-entry-confusion-for-aws-elb-backed.html

The issue is that we are able to open dummy test index.html file but when I try to open our application index.php, everything falls apart and browser keeps on refreshing.

I have noticed following log in web server's access log

[26/Apr/2015:17:08:21 +0000] "OPTIONS * HTTP/1.0" 200 125 "-" "Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 PHP/5.5.9-1ubuntu4.6 (internal dummy connection)"

Has anyone faced this issue? Am I missing any configuration?

Starfish
  • 2,735
  • 25
  • 28
Tejas Sheth
  • 11
  • 1
  • This looks to me like a PHP/Apache configuration issue - the `OPTIONS` log line is normal if you're using an ELB and the port forwarding looks OK. I would recommend that you check that PHP has been installed correctly and configured in Apache. – Craig Watson Apr 27 '15 at 14:04
  • Thanks for the quick reply. The application working fine if i directly point dns to ec2 elastic ip address. i have found one more article http://serverfault.com/questions/677560/redirect-loop-when-forcing-https which states that The traffic from the ELB will always be HTTP as it handles the HTTPS traffic to the user but to the server it's HTTP, is that the reason it is resulting in loop? – Tejas Sheth Apr 27 '15 at 16:10
  • but don't know much about the RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301 configuration – Tejas Sheth Apr 27 '15 at 16:12
  • The traffic from ELB to instance is always plain-text - the ELB handles the SSL offload and forwards the plain-text HTTP request to your webserver. – Craig Watson Apr 27 '15 at 16:24
  • Regarding the `RewriteCond` line - I suggest you take a look at some documentation to work out if it's correct. Examples: http://www.emind.co/how-to/how-to-force-https-behind-aws-elb and http://www.frankmitchell.org/2013/05/https-elb/ – Craig Watson Apr 27 '15 at 16:27
  • i have applied all the mentioned fix but still when I open web page in browser i am getting following error http://pastebin.com/xrNcugDX – Tejas Sheth Apr 27 '15 at 20:28

0 Answers0