I am trying to create a personal website with my own domain name (for this post say its example.com) using an AWS ec2 instance. I purchased a google domain (example.com), created some records in Route 53 on AWS and added the name servers to my google domain. My site is running on http and not https.
I can connect to my site using the ip address in my browser but not with the domain name and am trying to figure out why.
I am fairly confident that the configuration is correct because of the following...
- The command
nslookup example.com
resolves to the correct IP address. - I also found that I can ssh into my server with the domain name
ssh [email protected]
- When I send a curl request to the domain I am able to get a response with my sites html.
curl example.com
After doing some research and I think that the possible error in the configuration could be related to the browser not liking me having a domain that is only using http and not https. I am still a bit unsure of how to setup https as I believe I need web certificates (I believe these cost money although I don't know much about ssl certificates yet). This website is small and I was hoping to do some testing over http only for the time being.
Any help is appreciated on whether http / https is the issue, or where I potentially could have messed up in the configuration.
If http / https is the issue is there any easy way for me to setup https with aws ec2 for a low cost?
CodePudding user response:
The ssh and nslookup shows your DNS setup is ok. As you suspect, the issue is likely the browser trying to upgrade to HTTPS. Here's a few steps you could follow to troubleshoot:
- Try typing in the full URL into your browser with the http prefix (eg:
http://www.yourdomain.com
) - Turn off any extensions like HTTPS Everywhere that might be forcing HTTPS.
- Your browser itself could be forcing this with HSTS. In Chrome, go to
chrome://net-internals/#hsts
. Under Delete domain security policies, enter your domain name and delete. - You can set up SSL on your instance using https://letsencrypt.org/. It's free, and they have documentation to guide you through the process.
Note that your browser will look for HTTP on port 80 and HTTPS on port 443, so those ports will need to be open on your security group. If your site uses some other port, you will need to include that as well (eg: http://yourdomain:8080/
) and also open it up in the security group.
As an aside, please keep in mind your set up isn't very robust. EC2 instances can get replaced for various reasons, so don't treat it as a permanent virtual server. For example, using your instance's public IP for DNS is not a good idea since it can change if the instance gets restarted, so you should use an elastic IP or load balancer.