I just moved from Digital Ocean to AWS. My usual setup procedures for the web server I use for experimentation are not working.
I can reach the site through IPv4 but all domains error out and my SSL certificate doesn't show up when tested on SSL Shopper. DNS appears to be working fine, my firewall is open, SSL certificate installed and NGINX running fine. When all the obvious things are working what do I need to check? Or alternately am I missing something really obvious?
This is my setup.
The IPv4 address brings up the default NGINX welcome screen.
Unfortunately all domains error out.
SSL Labs test
IPs detected correctly on https://www.ssllabs.com/ but in both cases unable to connect to server.
SSL Shopper test
No SSL certificates found on https://www.sslshopper.com/.
In Linux
Both ports open.
firewall-cmd --list-ports
80/tcp 443/tcp
Nginx installed.
Nginx status: Active: active (running) since Fri 2021-03-05 13:48:16 MST; 2h 33min ago
curl localhost:80 returns a 301 redirect, which is correct.
Let's Encrypt SSL certificate installed.
Expiry Date: 2021-06-03 18:11:03+00:00 (VALID: 89 days)
In AWS console:
VPC > Your VPCs >
DNS hostnames: Enabled
DNS resolution: Enabled
IPv6 pool: Amazon ✓ Associated
EC2 > Instances >
Instance state: Running
Status check: 2/2 checks passed
Public IPv4 address: 1.1.1.1 (example.com)
Elastic IP addresses: 1.1.1.1 (example.com) [Public IP]
EC2 > Security Groups >
Inbound rules
HTTP TCP 80 0.0.0.0/0
HTTPS TCP 443 ::/0
Route 53 > Hosted zones >
Records
example.com A Simple 1.1.1.1
example.com AAAA Simple 2001:0db8:85a3:0000:0000:8a2e:0370:7334
www.example.com A Simple 1.1.1.1
www.example.com AAAA Simple 2001:0db8:85a3:0000:0000:8a2e:0370:7334
== UPDATE ==
This is what my security console looks like. VPC > Security Groups > [my id]
You need to open port 443 for IPv4 in your AWS security group (and port 80 for IPv6).
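
The gap described in the answer can be checked mechanically. The following is an added example, not part of the original answer: it reports, per port, which IP versions have no inbound rule. The sample data is constructed in the shape of the `IpPermissions` list returned by EC2 DescribeSecurityGroups and mirrors the rules in the question; the function names are hypothetical.

```python
import ipaddress

# Constructed sample mirroring the inbound rules listed in the question:
# HTTP 80 is open to 0.0.0.0/0 only, HTTPS 443 is open to ::/0 only.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]


def families_open(permissions, port, protocol="tcp"):
    """Return the IP versions (4, 6) that have any CIDR rule covering the port.

    Rules that reference other security groups or prefix lists are ignored.
    """
    families = set()
    for perm in permissions:
        proto = perm.get("IpProtocol")
        if proto == "-1":
            covers = True  # "-1" means all protocols and all ports
        elif proto == protocol:
            covers = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
        else:
            covers = False
        if not covers:
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            families.add(ipaddress.ip_network(cidr, strict=False).version)
    return families


def missing_families(permissions, ports=(80, 443)):
    """Map each port to the IP versions with no inbound rule (covered ports omitted)."""
    gaps = {}
    for port in ports:
        missing = {4, 6} - families_open(permissions, port)
        if missing:
            gaps[port] = sorted(missing)
    return gaps


if __name__ == "__main__":
    for port, versions in missing_families(SAMPLE_PERMISSIONS).items():
        for version in versions:
            print(f"port {port}/tcp: no inbound rule for IPv{version}")
```

With both A and AAAA records published, as in the question, a client may connect over either address family, so each web port needs a rule for both.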