带有SSL和自定义健康检查URL的Elasticbeanstalk（在其他端口上）不起作用

Question

i using elastic beanstalk and added successfull a letsencrypt https cert yesterday. but now, my custom health check is set my systemstatus to red.

if i remove the ssl config (all properties with namespace ""namespace:aws:elb:listener:443"). the healthcheck it's working.

it's not a port problem, i allowed public access to the port temporally.

what do i forget ?

Thanks Marcel

my ebextension config is this:

---

Resources:
  healthPort: 
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
      IpProtocol: tcp
      ToPort: 7979
      FromPort: 7979
      SourceSecurityGroupName: { "Fn::GetAtt": ["AWSEBLoadBalancer", "SourceSecurityGroup.GroupName"] }

---

option_settings:

  - namespace:  aws:elasticbeanstalk:application
    option_name:  Application Healthcheck URL
    value: HTTP:7979/health

---

option_settings:
  - namespace: aws:elb:listener:80
    option_name: ListenerEnabled
    value: true

  - namespace: aws:elb:listener:80
    option_name: ListenerProtocol
    value: HTTP

  - namespace: aws:elb:listener:80
    option_name: InstancePort
    value: 80

  - namespace: aws:elb:listener:80
    option_name: InstanceProtocol
    value: HTTP

  - namespace: aws:elb:listener:443
    option_name: ListenerEnabled
    value: true

  - namespace: aws:elb:listener:443
    option_name: ListenerProtocol
    value: HTTPS

  - namespace: aws:elb:listener:443
    option_name: InstancePort
    value: 80

  - namespace: aws:elb:listener:443
    option_name: InstanceProtocol
    value: HTTP

  - namespace: aws:elb:listener:443
    option_name: SSLCertificateId
    value: xxx

Answer 1

The problem was the ELB hasn't the right to connect to the 7979 Port. I don't know why it just happend, if i enable ssl but now it works.