I have a problem with HTTPS configuration on AWS; I hope you can help.
What I already have:
- EC2 - with Elastic IP, open ports screen shot with security group.
- Load Balancer attached to EC2 (with same security group as EC2).
- SSL certificate from AWS (ACM)
- Domain - "Transferred", from another service (not Amazon) using just Elastic IP for DNS configurations. (Can this be the problem?)
- Route53 - configured for Domain with AWS (SSL) and for IPv4 address I am using alias for Load Balancer.
How it works:
- EC2: Elastic IP and public DNS (are working only for http) as it should work I guess.
- LOAD BALANCER: Works and gives HTTPS and HTTP access just from DNS name.
- Route53(domain) - Works just for HTTP, every HTTPS request returns ERR_CONNECTION_REFUSED
How I explain this problem to myself (if there is a problem, please tell me): if the Domain is redirecting from DNS settings to the Elastic IP that's attached to EC2, there cannot be an SSL connection, as I am using ACM for the SSL certificate. That's when the LOAD BALANCER comes to help connect the Domain and SSL, but as in the Domain's DNS there is no connection with LBS, AWS is not able to give the SSL just from Route53 configurations?
Is it going to fix the problem if I change EC2's Elastic IP in the Domain DNS to the Load Balancer's public DNS name?
Yes, using the instance's Elastic IP as a DNS A record is exactly the cause of the problem. The DNS record needs to point directly to the load balancer.
Point the DNS to the ELB CNAME and configure Nginx/Apache as X-Proto Forward so that the server can forward HTTPS redirection requests to the load balancer. If you check the AWS documentation, you will easily be able to do this.
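An added example, not part of the answers above: one way to do the Nginx side, using the `X-Forwarded-Proto` header that the load balancer sets on forwarded requests. It assumes the load balancer terminates TLS with the ACM certificate and forwards to the instance on port 80; `example.com` and the `127.0.0.1:8080` application address are placeholders.

```nginx
# Added example. server_name and the proxy_pass target are placeholders.
server {
    listen 80;
    server_name example.com;            # placeholder domain

    # The load balancer holds the ACM certificate and terminates TLS, so every
    # request reaches Nginx as plain HTTP. X-Forwarded-Proto carries the scheme
    # the client actually used when talking to the load balancer.
    # Redirect only when that scheme was "http"; requests that arrive without
    # the header are served as-is instead of being redirected.
    if ($http_x_forwarded_proto = "http") {
        return 301 https://$host$request_uri;
    }

    location / {
        proxy_pass http://127.0.0.1:8080;   # placeholder application address
        proxy_set_header Host $host;
        # Pass the original scheme and client address on to the application
        # so it can build correct absolute URLs and log the real client.
        proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
```

The header is only trustworthy if clients cannot reach the instance directly, so the instance's security group should accept port 80 from the load balancer's security group rather than from the internet.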