在负载均衡器中配置 HTTPS 后无法访问 Elastic Beanstalk 上的 HTTPS 站点 [英] Can't access HTTPS site on Elastic Beanstalk after configuring HTTPS in the load balancer
问题描述
我有一个标准的 Elastic Beanstalk 应用程序,通过 HTTP 设置并运行良好.有一个 EC2 实例(目前),域配置了一个指向负载均衡器的 CNAME.按照 AWS 文档中的说明,我输入了 SSL 证书并配置了负载均衡器像这样:
I have a standard Elastic Beanstalk app set up and running great over HTTP. There is one EC2 instance (for now), and the domain is configured with a CNAME pointing to the load balancer. Following the instructions in the AWS documentation, I inputted the SSL certificate and configured the load balancer as such:
- 负载平衡器协议:HTTPS
- 负载均衡器端口:443
- 实例协议:HTTP
- 实例端口:80
- 密码:[默认]
- SSL 证书:myCert
更改看起来像是已应用;在负载平衡器描述中,我看到:
The changes look like they have been applied; in the load balancer description, I see:
Port configuration:
80 (HTTP) forwarding to 80 (HTTP)
Stickiness: Disabled
443 (HTTPS, Certificate: myCert) forwarding to 80 (HTTP)
Stickiness: Disabled
但是,我无法通过 HTTPS 负载平衡器 URL 或我域的 HTTPS URL 访问该站点.请求超时.HTTP 站点继续运行良好.
However, I cannot access the site at the HTTPS load balancer URL or my domain's HTTPS URL. Request times out. The HTTP site continues to work well.
是否需要进行任何其他配置才能让服务器响应 HTTPS?我假设应用级别不需要配置是否正确,因为 SSL 在负载均衡器处终止并且应用将继续使用 HTTP?
Is there any additional configuration I have to do to have the server respond on HTTPS? Am I correct in assuming that there is no configuration required at the app level, since SSL is terminated at the load balancer and the app will continue to speak HTTP?
推荐答案
我怀疑您缺少的是允许从负载均衡器的安全组访问您的实例.
What I suspect you are missing is allowing access to your instance from your load balancer's security group.
您可以在此处查看负载均衡器的安全组:
You can see the load balancer's security group here:
然后您可以在此处看到将其添加到您的实例的安全组:
Then you can see add it to your instance's security group here:
这篇关于在负载均衡器中配置 HTTPS 后无法访问 Elastic Beanstalk 上的 HTTPS 站点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
