2

I have two docker containers in beanstalk instances, One listen on port 80, another one listen port 8080. The security group allows port 80,8080. I can access url on port 80 and 8080 using http. I want to use https. I have created a certificate in ACM. Updated the load balancer in beanstalk env as below. but now i can not access website using https.ImagePorts

Jaishree Mishra
  • 545
  • 2
  • 5
  • 24

1 Answers1

2

You need to https listener in your Load balancer, from the image the protocol is https but the port is 80

  • Create an https listener in LB
  • Map 443 of LB with 80 of the target
  • allow 443 in the SG of LB

instance port should be 80. As the SSL traffic decrypt before sending to the target.

enter image description here

If you are interested to add SSL with 8080 then you need to specify certificateenter image description here with 8080 as well.

Adiii
  • 54,482
  • 7
  • 145
  • 148
  • Yes, that worked well for port 80, Is there anyway I can access port 8080 as well on https – Ashish Mishra Sep 26 '19 at 12:54
  • yes all you need to specify a certificate for `8080` in the listener of ALB. – Adiii Sep 26 '19 at 12:56
  • I have one more question regarding the scenario. Https working fine on port 80 and port 8080. Now I want to redirect all http request to https. I have added below lines in apache virtual conf file. RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} =http RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent] This works fine on port 80 and it redirect to https. But while accessing site like http://example.com:8080, this dose not work well and getting ERR_EMPTY_RESPONSE. I think this is because listener on port 8080 not defined. Any workaround for this? – Jaishree Mishra Sep 26 '19 at 19:41
  • you can redirect in LB, so you do not need to configure it in appache config. https://stackoverflow.com/questions/50065056/aws-alb-redirect-to-https – Adiii Sep 26 '19 at 20:16
  • Its a classic load balancer. Redirection is possible in Application load balancer. Looks like redirection is not possible in Classic Load balancer. I followed this link https://aws.amazon.com/premiumsupport/knowledge-center/redirect-http-https-elb/ Not sure if any workaround possible in CLB. – Jaishree Mishra Sep 26 '19 at 20:26
  • no its not possible in classic load, you to handle at application level. – Adiii Sep 26 '19 at 20:29
  • or add application LB at the backend of classic LB and use the ALB for redirect purpose. – Adiii Sep 26 '19 at 20:30