Rails app on aws using https

Question

I am trying to make access to my rails app (hosted on aws) use https. I followed the instructions posted on http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https.html but the end result doesn't behave as expected, so I am guessing there is a step that I am missing.

These are the steps I did:

1. Generated server cert to have the CN=*.example.com (not a self-signed cert; its a cert issued by godaddy).

2. In my AWS Elasticbeanstalk environment, I set the Load Balancer configuration so that the secure listener port = 443, and protocol is HTTPS, and the ssl cert is the ID of the certificate I got from step 1.

3. In my EC2 settings, I added an inbound rule to allow https over port 443, from source 0.0.0.0/0 (for my apps security group).

4. In my rails app configuration, I set the force_ssl flag for production to true.

However, now when I try to access my site by going to either example.com or https://example.com, it just keeps loading indefinitely, and the message in the browser status bar is "Connected to example.com...", but it doesn't do anything after that. When it eventually fails, the browser gives me the error that "The connection was interrupted."

Am I missing another configuration step? Any idea what I might be doing wrong? Regards,

Answer 1

Thanks to HTTPS not working (on AWS Elastic Beanstalk based site) and Can't access HTTPS site on Elastic Beanstalk after configuring HTTPS in the load balancer (both of which I missed when I posted my original question).

To sum up those two posts, the issue was in setting the security group for the load balancer, and not the application itself.

When you look at the security groups, you should find one for your app, and a separate one for the load balancer. I had originally changed the security group for my app with the addition of the inbound rule to allow https. Once I added that rule to the security group for the load balancer, it worked correctly.