I wanted to deploy a Laravel website to amazon, so I did the following steps:
Deployed the Laravel App using Elastic Beanstalk
Configured Route:53 A instance to point to the Ip of Ec2
Created Application Load Balancer with two listeners one at 80 and one at 443
Created 2 target groups Tg80 and Tg443 and designate the listener respectively
Note that Tg443 has a valid SSL certificate
Changed the security group of the Ec2 to be the Load balancer's one
Changed the A instance in Route:53 to be the load balancer's
**Results: **
The site works perfectly on port 80 with http, same for health check, and I can acces the site normally from any browser
The site returns [502 Bad Gateway] on https:443
In (After ssh to instance) /var/log/httpd/error_log I have the following error /var/www/html/.htaccess: RewriteCond: bad flag delimiters
So, I tried, According to the link enforce-https-laravel:
To configure .htaccess in the laravel app as said in the link, refreshed everything `php artisan config:cache, retried health check but Same Results
The I deleted .htaccess and configured app/Providers/AppServiceProvider.php:
use Illuminate\Contracts\Routing\UrlGenerator;
public function boot(UrlGenerator $url)
{
if(env('ENFORCE_SSL', false)) {
$url->forceScheme('https');
}
}
And added ENFORCE_SSL=true in .env and then php artisan config:cache as said in the same link it is a newer way than .htaccess.
But Same Results
I don't know what to do net or how to fix this. I want to be able to access the site with ssl. Please Help. Thank you.
Based the comments, the issue was that the health checks were set to use HTTPS between ALB and EC2. However, since ALB terminates the SSL connections, all traffic between ALB and EC2 is in HTTP, not HTTPS.
Therefore, the solution to not working health checks was to use HTTP for them, rather then HTTPS.
Related
I've deployed a laravel application to AWS Elastibeanstalk via code pipeline. I've added linked by the website to a subdomain rather than an EBS-provided domain. However, my app is working totally fine but the status of the health is severe with the following error:
Target.FailedHealthChecks
I'm thinking that EBS is using its own domain for checking the website's health status and is failing as the App is not responding to HTTP protocol My app has the code to always listen to HTTPS requests and not HTTP. I've configured the load balancer's default protocol to HTTPS and added a URL that is returning 200 response for the status checks but still, the health is showing as severe. How can I change the domain of EBS to check for health on that domain rather than using its own created one?
By going to AWS EBS -> Configurations->Load balancer, I was able to change the value of default in Processes by modifying the port to 443 with HTTPS protocol and adding the path to the URL, the status check was transferred to checking on the provided route with the HTTPS request. The load balancer will always check the default domain for the status health check.
So I have a load balancer connected to an ec2 instance. The ec2 has a php website running on port 8000 hosted in iis 8.5. Now http health check is passing after adding binding in iis for port 8000, but https health check is failing. But since in iis, I have used URL rewrite to redirect all http into https, thus even if load balancer's https health check is failing I can still access website on https connection.
But I really want to make my health check for https pass.
So for that I figured out, I either run https application inside ec2 on a different port than 8000 and add a binding for it (dropped the idea cause client didnot want) OR,
Redirect https target group to http target group.
Is this possible? If yes, how?
I have the following setup:
React.js App on Cloudfront (example.eu) -> Certificate for *.example.eu and example.eu
Fargate Python FastAPI instance on port 5000
Load Balancer internet facing http://***.eu-central-1.elb.amazonaws.com/
I can visit my website https://example.eu just fine
So in my front-end I defined the Load Balancer URL for doing the requests to the Fargate instance --> GET http://***.eu-central-1.elb.amazonaws.com/users.
I clicked on the button on the website to fire the request to the backend but I get a mixed content error in the browser.
Well, I thought let's do the calls over https - I added a HTTPS on 443 listener and added the certificate created earlier. And if I deactivate the SSL verification (e.g. in Postman) that works fine but else I get in my browser the following error:
VM11:1 GET https://***.eu-central-1.elb.amazonaws.com/users net::ERR_CERT_COMMON_NAME_INVALID
Do I need another certificate for the load balancer URL? I checked out a lot of tutorials and they only create one for the domain.
Do I need to add the certificate to my back-end?
I'm really confused how I can establish a proper https communication from example.eu over the load balancer https://***.eu-central-1.elb.amazonaws.com to my Fargate backend on port 5000.
Thanks
Found the solution:
Go to your Route 53 and add an A entry with Alias Target to the ALB.
Important: Add a subdomain in the name field: e.g. api.example.eu.
That's it :)
I have a .dev domain that requires the website to be hosted using HTTPS.
I am hosting a static website on GCP. For the HTTPS Certificate, I've created one using Letsencrypt and also tried using GCP generated Cert.
I am using a Load-Balancer setup to use the HTTPS cert and serve the static website out of Storage bucket.
However when I go to my site I am told it is not secure. I am currently using GCP generated Cert, waited 12 hours and I get the following error.
How can I fix this so that I don't see it, nor need to add an exception. In this case I am even unable to add an exception with a .dev domain.
Also I have a follow up question. How can I force all HTTP traffic to use HTTPS using the Load-Balancer?
I got this working by doing the following:
Change Load-balancer IP from ephemeral to static.
Add A record of Load-balancer IP to DNS record.
Side note: if you got a Static website working with HTTP, you will also need to change the CNAME entry pointing to c.storage.googleapis.com. to an A record with the IP record of the Load-balancer.
I have implemented SSL on my EC2 Windows instance. As AWS doesn't directly allow to configure SSL on EC2 instance, so I created a Load Balancer with HTTPS and configure my SSL certificate with it. I have selected my EC2 instance for Load Balancer.
Following are the listeners of my Load Balancer:
After this configuration, my domain starts working on http and also on https like http://example.com and https://example.com
Now, I want to redirect http request to https. My domain is on Godaddy. I have successfully change DNS and they are working. But when I place URL rewrite code in web.config file then both of my URLs stop working. It gives HTTP error 503
This link outlines some great options - https://blogs.msdn.microsoft.com/kaushal/2013/05/22/http-to-https-redirects-on-iis-7-x-and-higher/