- Newest
- Most votes
- Most comments
If I understood correctly everything worked prior to installing the SSL certificate.
Can you provide more details on how the connection to your backend server is being made? Where is the front end running? Are all required ports open on SGs and NACLS? Typically SSL works on port 443 so your NACLs, SGs and possible VM firewall rules need to allow traffic on that port.
Hello, thanks for the reply.
- Yes everything worked just fine prior to the ssl install.
- The Frontend is running on an AWS EC2 Linux node,react web app.
- Yes, all needed ports are open in all locations.
- I changed the app to port 8443, and made sure those ports were open in all locations. Still no joy... Thoughts? Do I need to do anything special with the cert and route 53? Thanks again.
Sorry for the late reply.
It seems like Tomcat is not configured correctly, I would suggest looking into the Tomcat configuration and/or tutorials on how this should be done. Googling on the warnings you posted should give you some pointers.
Is there any particular reason why you want to terminate SSL at your EC2 machine? Have you thought on using an application load balancer for SSL termination instead of your EC2 machine? Using an application load balancer will also grant you additional capabilities like Web Application Firewall and AWS Shield Standard further protecting the underlying infrastructure.
Hope this helps!
I currently am using a LB for the UI side of the application. My understanding is that you only get 1 for free... :-) So trying to get everything up and running on the cheap. Thanks for any additional thoughts.
Relevant content
- asked 10 months ago
- Accepted Answerasked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
So, I was able to find additional errors in the logs: 13-Sep-2023 02:53:36.365 WARNING [main] org.apache.tomcat.util.digester.Digester.endElement No rules found matching [Server/Service/Valve] 13-Sep-2023 02:53:36.481 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [keystoreFile] to [conf/additionalDir/server.p12] 13-Sep-2023 02:53:36.482 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [keystoreType] to [PKCS12] 13-Sep-2023 02:53:36.482 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [keystorePass] to [********] 13-Sep-2023 02:53:36.483 WARNING [main] org.apache.tomcat.util.digester.SetPropertiesRule.begin Match [Server/Service/Connector] failed to set property [keyAlias] to [tomcat]
Can anyone point out what my issue is? Should I just redo the whole cert process? Or is it that the file can't be found? Thanks again.