How to enable HTTPS on AWS Docker

Question

Hi there,

I have been struggling running a single instance Docker with HTTPS on AWS.

The HTTP access is working properly but I cannot access HTTPS (Google Chrome showing "This site can't be reached").

Here we have a single instance with Elastic Beanstalk. So there is no Load Balancer, and the certificates are hosted on the instance.

I followed this tutorial: AWS HTTPS Single Instance Docker

The Instance is working properly, my certificates are uploaded properly and the nginx config too. This is what I got so far:

• Tried to setup the Security Group to allow TCP 443, did not work.
• Tried to setup the Security Group to allow All Traffic to Anywhere, did not work.
• HTTP access from my domain name is working, which makes me believe it is not a DNS problem.
• HTTPS access is working with curl from the instance, so nginx config looks good to me (with log access working properly).
• The /var/log/nginx/access.log does not shows any results when I hit my domain name with HTTPS.

Here is my Security Group values

Port range    Protocol    Source                    Security groups
80            TCP         sg-03d37000000000000      MY_SECURITY_GROUP
All           All         0.0.0.0/0                 MY_SECURITY_GROUP
All           All         ::/0                      MY_SECURITY_GROUP
443           TCP         0.0.0.0/0                 MY_SECURITY_GROUP

When I hit the instance nginx in HTTPS

(insecure is because certificate domain name is not 127.0.0.1, the API result is correct)

[ec2-user@ip-123-345-67-89 nginx]$ curl --insecure https://127.0.0.1
{"status":"ok","api":"sdk"}

This is what I get from Google Chrome when trying to access the website Google Chrome showing "This site can't be reached"

Here is the logs from nginx access

[ec2-user@ip-123-345-67-89 nginx]$ tail -f /var/log/nginx/access.log
AWS_IP    - - [01/Oct/2020:14:02:48 +0000] "GET / HTTP/1.1" 200 56 "-" "ELB-HealthChecker/2.0"                               "-"
MY_IP     - - [01/Oct/2020:14:02:50 +0000] "GET / HTTP/1.1" 304 0  "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) ..." "123.345.67.89"
AWS_IP    - - [01/Oct/2020:14:02:57 +0000] "GET / HTTP/1.1" 200 56 "-" "ELB-HealthChecker/2.0"                               "-"
AWS_IP    - - [01/Oct/2020:14:03:03 +0000] "GET / HTTP/1.1" 200 56 "-" "ELB-HealthChecker/2.0"                               "-"
127.0.0.1 - - [01/Oct/2020:14:03:10 +0000] "GET / HTTP/1.1" 200 27 "-" "curl/7.61.1"                                         "-"
AWS_IP    - - [01/Oct/2020:14:03:12 +0000] "GET / HTTP/1.1" 200 56 "-" "ELB-HealthChecker/2.0"                               "-"

So far I believe there is something wrong between my AWS config and the instance as everything is working on the instance.

But the AWS Config looks good to me so I have no other ideas about the origin of my issue.

Any help would be appreciated. Thanks a lot for reading all of this.

Answer 1

Based on the comments.

The issue was caused by using load-balanced EB environment by mistake, rather then single-instance one.

The solution was to change the load-balanced EB environment to single-instance one in EB console.