Why can I not connect to my website running on EC2 with HTTPS?

0

The web service is running in a container. The following is part of my docker-compose.yml.

services:
  webService:
    ports:
      - 80:8080
      - 443:8080

I also created a certificate for my domain name, and configured the inbound rules for both HTTPS with port 443 and HTTP with port 80. Currently I can open my website through http://my_domain_name successfully, but cannot through https://my_domain_name.

The following is the response after I run "telnet my_domain_name 443" from my local laptop.

Trying <my elastic IP>...
Connected to my_domain_name.
Escape character is '^]'.

What is the reason? How can I check it and fix it? Thanks.

  • Where did you create the certificate?

asked a year ago · 642 views
1 Answer
1

You can’t have HTTP and HTTPS on the same port. Your Docker configuration has ports 80 and 443 going to port 8080.

You’ll need SSL running on its own port on the web server side.

What you could do is have an ALB with SSL set up on it and this EC2 in the target group forwarding to port 80.

HTTPS will run on the load balancer.

If you don’t want an ALB, you’ll need to install the SSL cert in the container and set up a 2nd port for HTTPS.

EXPERT
answered a year ago
  • Hi Gary, thanks for your answer and for sharing your knowledge. Actually, I did not know this point. I created an application load balancer for the VPC of my EC2 instance, but I still get the same error: I can't visit my website through HTTPS. Can you give me more suggestions? Do I need to configure more? Thanks. I am a newcomer to AWS and know almost nothing about AWS; at the same time, I also feel the AWS documentation makes it too difficult to grasp the critical point.

  • No worries.

    You will need an internet-facing load balancer in a public subnet. This has a route to an internet gateway.

    You’ll need an ACM certificate assigned to the load balancer on port 443.

    You will need a target group with your EC2 as an instance using port 80 as the health check.

    A rule will need to be created on the load balancer to send traffic to the target group.

    You’ll need a security group on the load balancer allowing 0.0.0.0/0 to port 443.

    You’ll need a security group on the EC2 allowing access to port 80 from the load balancer security group.

    DNS will need to point to your load balancer.

    AWS is very granular and you have to set up everything you’ll need.

  • Thanks for your detailed reply. According to my understanding, I think I have done all these steps. The "Health check" of my load balancer is also OK. But I still can't access my website running on EC2. Probably there is a configuration error somewhere.
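
Added example (not part of the original thread): the telnet output in the question only shows that a TCP connection to port 443 succeeds, which the `443:8080` mapping guarantees even when the service behind it speaks plain HTTP, as the answer describes. The sketch below separates "port open" from "TLS actually spoken"; `probe_port` and `start_plain_listener` are hypothetical helper names, and the local listener is a constructed stand-in for the container.

```python
import socket
import ssl
import threading


def probe_port(host, port, timeout=3.0):
    """Return 'closed', 'tcp-only' (connects, no TLS) or 'tls'."""
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"  # refused, filtered or unreachable
    ctx = ssl.create_default_context()
    # Diagnostic only: we ask "is TLS spoken here at all?", not "is the
    # certificate valid?", so verification is switched off for this probe.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(raw, server_hostname=host):
            return "tls"
    except (ssl.SSLError, OSError):
        return "tcp-only"  # what telnet reports as "Connected"
    finally:
        raw.close()


def start_plain_listener():
    """Constructed stand-in for a plain-HTTP service published on a TLS port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))  # any free local port
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            with conn:
                try:
                    conn.settimeout(2)
                    conn.recv(4096)  # the TLS ClientHello, unreadable as HTTP
                    conn.sendall(b"HTTP/1.1 400 Bad Request\r\n\r\n")
                except OSError:
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv


if __name__ == "__main__":
    listener = start_plain_listener()
    print(probe_port("127.0.0.1", listener.getsockname()[1]))  # tcp-only
```

Run against the real host name and port 443, a result of `tcp-only` means the listener is reachable but is not terminating TLS, while `closed` points at the security group, routing or DNS instead.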
