无法访问 AWS Application Load Balancer EC2 实例中的 HTTPs
[英]Unable to Access HTTPs in AWS Application Load Balancer EC2 Instance
问题描述
I have an EC2 Instance, and want to add HTTPS to it.
我有一个 EC2 实例,并且想将 HTTPS 添加到它。 I am able to access it using http.我可以使用 http 访问它。
I have added an Application Load Balancer, and enabled the Ports 80 and 443.我添加了一个应用程序负载均衡器,并启用了端口 80 和 443。
I also added the DNS of the ALB in Route 53.我还在 Route 53 中添加了 ALB 的 DNS。
api.example.com alias to the ALB DNS
However, when I access the ALB using HTTP, it works fine.但是,当我使用 HTTP 访问 ALB 时,它工作正常。 But when I try to do the same using HTTPs, it gives an error "This site can't be reached".但是,当我尝试使用 HTTPs 执行相同操作时,会出现错误“无法访问此站点”。
Things I have already done:我已经做过的事情:
- Added Certificate Manager to api.example.com将证书管理器添加到 api.example.com
- Added HTTPs(Port 443) config to Security Groups.向安全组添加了 HTTPs(端口 443)配置。
Can anyone help me out in this?谁能帮我解决这个问题?
1 个解决方案
解决方案1
0 2021-06-19 15:06:19
It seems that you are missing a listener on port 433 in your ALB or the listener is not properly configured.您似乎在 ALB 中的端口 433 上缺少侦听器,或者侦听器配置不正确。
If you want to directly expose your ALB to the outside, eg without a CloudFront distribution in front of it, your ALB will need to handle TLS.如果您想直接向外部公开您的 ALB,例如在其前面没有 CloudFront 分配,您的 ALB 将需要处理 TLS。 Proper way of doing this would be to do SSL termination on the ALB and then forward the plain request to your targets.这样做的正确方法是在 ALB 上执行 SSL 终止,然后将纯请求转发给您的目标。 Unless of course there are compliance ready for not being able to so.当然,除非有合规性准备好不能这样做。 Among other things, this will make your life easier as you don't have to manage the keys on the targets.除此之外,这将使您的生活更轻松,因为您不必管理目标上的键。
Therefore, you will need to make sure that your listener is properly configured, ie, that is always forwards to port 80, considering that your targets expect traffic on port 80.因此,您需要确保您的侦听器配置正确,即始终转发到端口 80,考虑到您的目标期望端口 80 上的流量。
Best, Stefan最好的,斯特凡
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.