Home > database >  How to call AWS EC2 instance endpoint with HTTPS instead of HTTP
How to call AWS EC2 instance endpoint with HTTPS instead of HTTP

Time:10-03

I have an Angular client (v14) that needs to call a spring boot application that run on an AWS EC2 instance. My angular app is hosted on Firebase. My Angular client is deployed under HTTPS so when I do http calls in Angular with something like that :

httpclient.get(http://myPublicDnsAdress:8080/myApiPath)

I have that error:

Mixed Content: The page at 'https://mywebsiteurl.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://ec2-15-188-59-23.eu-west-3.compute.amazonaws.com:8080/activity/random?numberOfActivities=10'. This request has 
been blocked; the content must be served over HTTPS.

I know I need to call my EC2 instance with HTTPS instead of HTTP. Hence my Angular calls would be :

httpclient.get(https://myPublicDnsAdress:8080/myApiPath)

Instead of:

httpclient.get(http://myPublicDnsAdress:8080/myApiPath)

This is where i'm stuck, I don't know how to do it or what is the best option.

Note: I'm new to AWS and I'd like to avoid setting up something that will we cost money like load balancer and so on. But if it is not possible I will do so.

Thank you very much in advance for you help.

CodePudding user response:

The error is clear. You can't mix https and http. The error clear writes that you are using http to access:

http://ec2-15-188-59-23.eu-west-3.compute.amazonaws.com:8080

You have to get proper public ssl certification for your instance as well as your own domain, and setup https for the instance. You can't use https with ec2-15-188-59-23.eu-west-3.compute.amazonaws.com as this is AWS's domain (not yours). You can only setup valid public SSL for your own domain.

CodePudding user response:

Short answer: Make the spring boot application to use secure HTTPS instead of normal HTTP.

I am not familiar with Spring Boot but there is a tutorial with a github repository at: https://www.baeldung.com/spring-boot-https-self-signed-certificate

It teaches how to use Spring Boot with self-signed certificates in development but certainly in production valid public certificates should be used.

  • Related