I set up an EC2 Instance
I uploaded an SSL Certificate and set it up correctly (Working)
When i go to my site using https it loads properly therefore no error with the certificate
I created an application Load Balancer
I set everything up and set Redirecting in http to https port 443
This still doesn't redirect my http page requests
I tried the DNS Name (A Record) in in load balancer and it shows that the connection is not secure and then loads my website in http itself
Have i missed out any crucial part?
Any help is appreciated
Related
I am deploying a MERN stack using EC2 on AWS.
I have created SSL certificates for the following domains:
example.com
*.example.com
www.example.com
The cname and cvalue for example.com and *.example.com are identical but they are different for www.example.com
I have set up target groups and a load balancer and edited the listener to redirect from http to https.
I have set up 3 different records in the hosted zone of route 53 so that www.example.com, *.example.com and example.com are directed to the loadbalancer
I can load https://example.com
http://example.com directs to https://example.com
When the website loads (either by typing http or https) it does not connect to the server.
I am getting the following error in the console:
Mixed Content: The page at 'https://example.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://54.220.212.131:5000/events'. This request has been blocked; the content must be served over HTTPS.
54.220.212.131 is the site's IP and 5000 is the server's port. This is hard coded in the front end.
How should I get the client to send requests to the server for a https connection?
It sounds like you have two services running, a front-end service that you have correctly configured to run behind a load balancer, and a back-end service that you are connecting directly to via the server's IP address on port 5000.
Your backend on port 5000 is not secure, and that is exactly what the web browser's error is telling you. You need to configure all your services to run behind the load balancer. You need to create a second target group that sends traffic to port 5000 on your server, and setup a routing rule on the load balancer's listener to send all traffic for api.ticketglen.com to that target group. Then you need to change your hard-coded values in from http://54.220.221.131:5000 to https://api.ticketglen.com.
What worked for me was to create the SSL certificates from the server and delete them and the load balancer altogether from the AWS platform.
Process is outlined here
I want to look for a feature on ALB AWS that can update http to https on its own just like in the NGINX load balancer , currently I have a website that uses wordpress but when using ALB, the website only shows text , is there another way to upgrade the url from http to https without having to edit the code?
Yes, you can redirect http to https as explained in AWS docs:
How can I redirect HTTP requests to HTTPS using an Application Load Balancer?
For that you need your own domain name. Once you have the domain you can the SSL certificate for HTTPS from Amazon Certificate Manager which you can deploy on your ALB.
So I was able to get SSL certificate for my website and it is on AWS but for some reason when I input www.mydomain.com or mydomain.com it still shows unsecured on the browser but when I add https to mydomain.com it shows the secure icon. Please anyone with how to solve this?
The reason is the server has no redirection policy, you need to add redirection policy to redirect site from HTTP to HTTPs.
If you are using Application load balancer you can go through below article to set up HTTP to HTTPS redirection.
redirect-http-to-https-using-alb
If you are using Nginx, then you can look into redirect-http-to-https-in-nginx
https-everywhere
SSL in web applications is only carried out when your user loads the website using HTTPS. Generally in this situation you would want to perform a redirect (a 302 is more preferable initially than a 301 as it is not permanent in the event of a rollback).
There are a number of ways you can trigger a redirection without having to make any server changes, it all depends on your infrastructure setup.
If the first point of call is CloudFront you can update your viewer protocol policy to Redirect HTTP to HTTPS. CloudFront will redirect any HTTP request before they touch the origin.
If you're using an application load balancer then you can update your listener rule for HTTP to redirect HTTP to HTTPS. As with the above requests would not be forwarded to your host.
Otherwise if you're a Classic Load Balancer, Network Load Balancer or just plain EC2 then it falls to you modifying the configuration of your hosts to do the redirect (remembering to set to a 302).
Below are links for most common web servers:
Apache
Nginx
IIS
Tomcat
Once you're happy with the redirect, feel free to set as a 301.
The above answer work but in addition, if you are using a load balancer in your AWS EC2 instance you can follow this video link to the best explanation and practice.
How to redirect HTTP traffic to HTTPS in the EC2 Elastic Load Balancer
I have a client application hosted on S3 with a custom domain on godaddy. Cloudfront is serving all of the http(s) requests - all of that is well and good. I have an SSL certificate through ACM. There is an input dialog on the UI that when submitted, makes a POST request to a flask application running on ELB, but this request is failing because ELB is not configured for HTTPS (i.e. chrome is blocking an HTTP request because of mixed-content). Requests to the HTTP version of the endpoint work fine, but HTTPS requests time out. How do I configure the ELB load balancer to accept HTTPS requests? I've modified the configuration of the load balancer like so: https://imgur.com/3zWpS7f but requests are still failing. Any tips? Much appreciated!!
EDIT: I've configured the load balancer with a security group that allows ingress on 443 with HTTPS but now i'm getting a "Not secure" message with Chrome. is this because the certificate is registered with a domain associated with the site and not this api? do i need a separate certificate? The error code from chrome is: err_cert_common_name_invalid
I am trying to configure the redirection for all http traffic to https only. My configuration as follows
We are using ELB and EC2 instances
Configured application Load Balancer in this case.
Backend server is working on port 443, using Nginx
Configured Nginx redirection rule for http to https redirection
Configured ELB listener for both port 80 and 443
Installed SSL Certificate in both backed servers and ELB
My Issue is when a client accesses this application over https URL is working fine in https. But when the clients try to connect this application over http, it is working in http and not redirect it into https.
I need to work this application only in https. How can we force all client communication into https?
Are you checking the right values in the redirect settings? The ALB should set x-forwarded-port and x-forwarded-proto.
Another option would be to use cloudfront in front of your ALB, and set it to force everything to https.