So I have a load balancer connected to an ec2 instance. The ec2 has a php website running on port 8000 hosted in iis 8.5. Now http health check is passing after adding binding in iis for port 8000, but https health check is failing. But since in iis, I have used URL rewrite to redirect all http into https, thus even if load balancer's https health check is failing I can still access website on https connection.
But I really want to make my health check for https pass.
So for that I figured out, I either run https application inside ec2 on a different port than 8000 and add a binding for it (dropped the idea cause client didnot want) OR,
Redirect https target group to http target group.
Is this possible? If yes, how?
Related
I've deployed a laravel application to AWS Elastibeanstalk via code pipeline. I've added linked by the website to a subdomain rather than an EBS-provided domain. However, my app is working totally fine but the status of the health is severe with the following error:
Target.FailedHealthChecks
I'm thinking that EBS is using its own domain for checking the website's health status and is failing as the App is not responding to HTTP protocol My app has the code to always listen to HTTPS requests and not HTTP. I've configured the load balancer's default protocol to HTTPS and added a URL that is returning 200 response for the status checks but still, the health is showing as severe. How can I change the domain of EBS to check for health on that domain rather than using its own created one?
By going to AWS EBS -> Configurations->Load balancer, I was able to change the value of default in Processes by modifying the port to 443 with HTTPS protocol and adding the path to the URL, the status check was transferred to checking on the provided route with the HTTPS request. The load balancer will always check the default domain for the status health check.
I have the following setup:
React.js App on Cloudfront (example.eu) -> Certificate for *.example.eu and example.eu
Fargate Python FastAPI instance on port 5000
Load Balancer internet facing http://***.eu-central-1.elb.amazonaws.com/
I can visit my website https://example.eu just fine
So in my front-end I defined the Load Balancer URL for doing the requests to the Fargate instance --> GET http://***.eu-central-1.elb.amazonaws.com/users.
I clicked on the button on the website to fire the request to the backend but I get a mixed content error in the browser.
Well, I thought let's do the calls over https - I added a HTTPS on 443 listener and added the certificate created earlier. And if I deactivate the SSL verification (e.g. in Postman) that works fine but else I get in my browser the following error:
VM11:1 GET https://***.eu-central-1.elb.amazonaws.com/users net::ERR_CERT_COMMON_NAME_INVALID
Do I need another certificate for the load balancer URL? I checked out a lot of tutorials and they only create one for the domain.
Do I need to add the certificate to my back-end?
I'm really confused how I can establish a proper https communication from example.eu over the load balancer https://***.eu-central-1.elb.amazonaws.com to my Fargate backend on port 5000.
Thanks
Found the solution:
Go to your Route 53 and add an A entry with Alias Target to the ALB.
Important: Add a subdomain in the name field: e.g. api.example.eu.
That's it :)
I have implemented SSL on my EC2 Windows instance. As AWS doesn't directly allow to configure SSL on EC2 instance, so I created a Load Balancer with HTTPS and configure my SSL certificate with it. I have selected my EC2 instance for Load Balancer.
Following are the listeners of my Load Balancer:
After this configuration, my domain starts working on http and also on https like http://example.com and https://example.com
Now, I want to redirect http request to https. My domain is on Godaddy. I have successfully change DNS and they are working. But when I place URL rewrite code in web.config file then both of my URLs stop working. It gives HTTP error 503
This link outlines some great options - https://blogs.msdn.microsoft.com/kaushal/2013/05/22/http-to-https-redirects-on-iis-7-x-and-higher/
I've set up a Wakanda server hosted on an Amazon EC2 instance, that has SSL certificates installed as per the Wakanda documentation and accessing the home page via https easily enough, but won't redirect incoming traffic on port 80 to 443 automatically.
Being an Amazon AWS instance with an elastic IP, I've tried to set up a load balancer to handle the traffic routing for me as a possible solution. Though while that reports that it's routing "Load Balancer Port = 80" to "Instance Port = 443", it doesn't seem to be redirecting traffic either.
I may be missing something entirely in the way the Load Balancer is supposed to work, but is there a way for the Wakanda Server to automatically route incoming http traffic to https? Edit: I have also tried to set up a .htaccess file in my webFolder directory to manually try to redirect traffic, though I'm finding very limited documentation around whether that is a viable option in itself too.
Thanks!
I have run into an issue when enabling https on a server that hosts many sites. I have only enabled https for one site (site1.com), but when a user tries to browse to site2.com which doesn't have https enabled, if they try to get to https://www.site2.com, it redirects to https://www.site1.com. Can I prevent this from happening?
You will need two IPs for that and host one site with a different IP.
The 'problem' is that SSL connection is established on IP basis through TCP before the HTTP Server gets the Request, which is then already encrypted. Since your SSL port is linked to site1 this site will be served.
If your DNS A-Records point to the same IP then the only way i see you could do this is either use two IPs or enter the URL of site2 with http://site2.com (explicitly without HTTPS). In that case the connection would be opened unencrypted on Port 80.
Setup two IPs use HTTPS for one and not the other.