0

Stack

  • Elastic Beanstalk
  • AWS Route 53 for DNS.
  • AWS Certificate Manager for SSL Cert.

What I have done

I have added the CNAME for the certificate (Through the wizard provided by AWS for Route 53).

I have added an inbound rule on the load balancer where the source is anywhere and the port is https(443).

I have added both the www and non-www domains when generating the certificate.

What works

Going to http://example.com works.

What doesn't work

Going to https://exmaple.com throws ERR_CONNECTION_REFUSED.

This leads me to believe my Load Balancer Security Group entry is incorrect.

Questions

  1. How do I correctly assign my ACM Certificate to my Elastic Beanstalk load balance Security Group?
  2. Is there something that I am missing?
  3. How long does it take for a change to the security group to resolve?
msbarnard
  • 101
  • 1
  • First of all, SSL certificates are not assigned to security groups, they are assigned to ELB/ALB/Target groups. But you should allow port 443 in your load balancer security group, that's for sure. – Sergey Kovalev May 01 '18 at 18:53
  • I have definitely allowed port 443 on the load balancer incoming. Is there anything else that could be stopping it from loading? – msbarnard May 01 '18 at 19:06
  • Did you enable HTTPS listener on your load balancer? That `ERR_CONNECTION_REFUSED` suggests that the socket on port 443 isn't even opened. – Sergey Kovalev May 01 '18 at 19:09
  • I have updated this and made progress... Now there is a request timeout. – msbarnard May 01 '18 at 19:43

0 Answers0