Can't access HTTPS site on Elastic Beanstalk after configuring HTTPS in the load balancer
I have a standard Elastic Beanstalk app set up and running great over HTTP. There is one EC2 instance (for now), and the domain is configured with a CNAME pointing to the load balancer. Following the instructions in the AWS documentation, I inputted the SSL certificate and configured the load balancer as such:
- Load balancer protocol: HTTPS
- Load balancer port: 443
- Instance protocol: HTTP
- Instance port: 80
- Cipher: [default]
- SSL certificate: myCert
The changes look like they have been applied; in the load balancer description, I see:
Port configuration:
80 (HTTP) forwarding to 80 (HTTP)
Stickiness: Disabled
443 (HTTPS, Certificate: myCert) forwarding to 80 (HTTP)
Stickiness: Disabled
However, I cannot access the site at the HTTPS load balancer URL or my domain's HTTPS URL. Request times out. The HTTP site continues to work well.
Is there any additional configuration I have to do to have the server respond on HTTPS? Am I correct in assuming that there is no configuration required at the app level, since SSL is terminated at the load balancer and the app will continue to speak HTTP?
Answer
What I suspect you are missing is allowing access to your instance from your load balancer's security group.
You can see the load balancer's security group here:
Then you can see add it to your instance's security group here:
