I am deploying a MERN stack using EC2 on AWS.
I have created SSL certificates for the following domains:
example.com
*.example.com
www.example.com
The cname and cvalue for example.com and *.example.com are identical but they are different for www.example.com
I have set up target groups and a load balancer and edited the listener to redirect from http to https.
I have set up 3 different records in the hosted zone of Route 53 so that www.example.com, *.example.com and example.com are directed to the load balancer.
I can load https://example.com
http://example.com directs to https://example.com
When the website loads (either by typing http or https) it does not connect to the server.
I am getting the following error in the console:
Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://54.220.212.131:5000/events'. This request has been blocked; the content must be served over HTTPS.
54.220.212.131 is the site's IP and 5000 is the server's port. This is hard coded in the front end.
How should I get the client to send requests to the server for a https connection?
It sounds like you have two services running, a front-end service that you have correctly configured to run behind a load balancer, and a back-end service that you are connecting directly to via the server's IP address on port 5000.
Your backend on port 5000 is not secure, and that is exactly what the web browser's error is telling you. You need to configure all your services to run behind the load balancer. You need to create a second target group that sends traffic to port 5000 on your server, and set up a routing rule on the load balancer's listener to send all traffic for api.ticketglen.com to that target group. Then you need to change your hard-coded values from http://54.220.221.131:5000 to https://api.ticketglen.com.
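As an added example (not part of the original answer), the check below mirrors the browser rule behind the console error and can be used as a build-time scan for hard-coded insecure endpoints in the client. The function names, the sample bundle text and the api.example.com hostname are assumptions constructed for illustration.

```javascript
// Added example (not from the original posts): flag requests a browser would
// block as mixed content when the page itself is served over HTTPS.

// Hosts browsers treat as trustworthy even over plain HTTP.
const LOOPBACK = /^(localhost|127(\.\d{1,3}){3}|\[::1\])$/;

// Returns true when `requestUrl`, issued from `pageUrl`, is an insecure
// request from a secure page (XHR/fetch/WebSocket requests are blocked).
function isMixedContent(pageUrl, requestUrl) {
  const page = new URL(pageUrl);
  if (page.protocol !== 'https:') return false; // insecure page: rule does not apply
  const req = new URL(requestUrl, page);        // relative URLs inherit the page origin
  const insecure = req.protocol === 'http:' || req.protocol === 'ws:';
  return insecure && !LOOPBACK.test(req.hostname);
}

// Scan front-end source text for hard-coded absolute endpoints and return
// those that would be blocked once the site is served from `pageUrl`.
function findBlockedEndpoints(source, pageUrl) {
  const urls = source.match(/\b(?:https?|wss?):\/\/[^\s'"`)]+/g) || [];
  return [...new Set(urls)].filter((u) => isMixedContent(pageUrl, u));
}

// Constructed sample resembling client code with a mix of endpoints.
const SAMPLE_SOURCE = `
  fetch('http://54.220.212.131:5000/events');
  fetch("https://api.example.com/events");
  fetch('/events');
  const dev = 'http://localhost:5000/events';
`;

console.log(findBlockedEndpoints(SAMPLE_SOURCE, 'https://example.com/'));
```

Relative URLs such as `/events` pass the check because they inherit the page's HTTPS origin, which only works once the load balancer routes that path or host to the backend.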
What worked for me was to create the SSL certificates from the server and delete them and the load balancer altogether from the AWS platform.
Process is outlined here
Related
One ACM was issued to *.example.com. With this, it was applied to public route 53 called example.com as CNAME, and two load balancers were connected using it. The two load balancers ran front and back-end services, respectively.
However, the problem is that the frontend was applied with https, but the backend was not applied.
The domain of the backend is, for example, api.example.com, which was accessible to both http and https.
I redirected HTTP 80 to HTTPS 443 on the back-end load balancer, but why didn't it apply?
The front end is redirected to https even if it is accessed through http.
Record A was given 'api.example.com' and the backend load balancer is equally http 80 redirect https 443.
However, if you access through http, you can see a server that does not display ssl authentication, and if you access through https, you can see a server that shows ssl authentication.
Naturally, it was set to 80 redirect 443 forward.
Check the backend load balancer if it has an SSL cert associated with it.
When you associate Route53 with an ACM SSL cert, it only validates the ownership of the domain. Route53 is a DNS service, it does not participate in SSL encryption. It is the load balancer's job in your topology.
Also, you can use an Alias record instead of CNAME to route to load balancers deployed on AWS; then the Route53 DNS calls are free. (I was not sure whether the CNAME record you mentioned was the actual routing record or just the validation one, so decided to mention that.)
I set up an EC2 Instance
I uploaded an SSL Certificate and set it up correctly (Working)
When I go to my site using https it loads properly, therefore no error with the certificate
I created an application Load Balancer
I set everything up and set Redirecting in http to https port 443
This still doesn't redirect my http page requests
I tried the DNS Name (A Record) in the load balancer and it shows that the connection is not secure and then loads my website in http itself
Have I missed out any crucial part?
Any help is appreciated
I created an EC2 instance that is running perfectly over http, but when I try to replace http with https I got this printed on the browser: This site can’t provide a secure connection. The security group that is associated with this instance is configured to allow requests from both HTTP and HTTPS, as in the attached image:
You are trying to run https over a port that has been configured for HTTP.
There are multiple options to get around this:
Set up a proxy on your local server, such as Nginx. Set up certbot to generate your SSL and then serve this from your proxy.
Create an ELB in front of your server, generate a certificate in ACM and add your server as a target (running http) to the ELB. Use the load balancer for SSL termination.
Create a CloudFront distribution in front of your server, generate a certificate in ACM and forward traffic to your server as the origin (running http).
I have a client application hosted on S3 with a custom domain on GoDaddy. CloudFront is serving all of the http(s) requests - all of that is well and good. I have an SSL certificate through ACM. There is an input dialog on the UI that, when submitted, makes a POST request to a Flask application running on ELB, but this request is failing because ELB is not configured for HTTPS (i.e. Chrome is blocking an HTTP request because of mixed content). Requests to the HTTP version of the endpoint work fine, but HTTPS requests time out. How do I configure the ELB load balancer to accept HTTPS requests? I've modified the configuration of the load balancer like so: https://imgur.com/3zWpS7f but requests are still failing. Any tips? Much appreciated!!
EDIT: I've configured the load balancer with a security group that allows ingress on 443 with HTTPS but now I'm getting a "Not secure" message with Chrome. Is this because the certificate is registered with a domain associated with the site and not this API? Do I need a separate certificate? The error code from Chrome is: err_cert_common_name_invalid
When I navigate to my domain link: https://www.mdxbusiness.com I see a blank page with no errors.
I have to note that before I forwarded the HTTP to HTTPS the http://www.mdxbusiness.com worked fine.
I have:
GoDaddy domain with a valid SSL Certificate.
AWS EC2 2 instances associated to Elastic Load Balancer with HTTP & HTTPS Listeners (and security groups).
CName in GoDaddy that links to the AWS Elastic Load Balancer.
In both AWS EC2 instances I have an RDP with IIS with a binding to HTTP & HTTPS - The HTTPS has the SSL Certificate of the GoDaddy's domain.
I use Microsoft Windows Server 2012 R2 Base in both AWS EC2 instances; I have there the DB, which is SQL Server, and the project, which is MVC.
Again - The HTTP worked good as expected but the HTTPS not - shows a blank page.
What could be the cause for this and how can I fix it?
Your ELB listeners should match below setting. The HTTPS should listen to Port 80