I have an Elastic Beanstalk application that is running with a Classic Load Balancer. The Load Balancer is using an ACM SSL certificate. The NodeJS app is running an HTTP server on Port 8080, that, when accessed, redirects to the HTTPS server that is running on Port 3000. However, this does not seem to work. Neither server will load anything. Currently, my load balancer is listening on Port 80 and sending to Instance port 80, and listening on Port 443 and sending to instance port 443 with the ACM SSL cert. How should I configure my EB application, Load Balancer, and nodeJS app to make this work?
EDIT: As is default for Elastic Beanstalk applications, there is an nginx instance also running. My bad for not mentioning that.
As per @kgiannakakis's advice, My nodeJS app is now as follows:
var express = require('express');
var path = require('path');
var routes = require("./routes");
const port = process.env.PORT || 8080;
var app = express();
app.set('views', __dirname '/views');
app.set('view engine', 'pug');
app.set('port',port)
app.use(express.static(path.join(__dirname, 'public')));
app.enable('trust proxy')
app.use((req, res, next) => {
req.secure ? next() : res.redirect('https://' req.headers.host req.url)
})
function init() {
app.get('/', routes.index);
app.get("/ping", function(req, res){
res.send("Ok");
res.end();
});
app.listen(app.get('port'), () => {
console.log("App running on port %s.",app.get('port'));
});
}
init();
HTTP requests work fine, however, HTTPS does not.
CodePudding user response:
Since you have an ACM certificate you are terminating SSL at the Load Balancer level. This means that the communication between the load balancer and the Elastic Beanstalk instances will be unencrypted. For your Node.js server you only need to listen to the proxy port (8080). The details are
CodePudding user response:
Your load balancer is sending traffic to your instance on port 443
, but the instance is listening on ports 3000
and 8080
, not 443
.
Change the traffic port your load balancer is sending traffic to on the instance from 443
to 3000
.
The Load Balancer needs to listen to ports 80
and 443
because those are the standard HTTP and HTTPS ports. However it needs to forward that traffic to the actual port the server is listening on, which in your case is port 3000
.
All this assumes you don't have a proxy like Nginx running on the instance, which is actually how Elastic Beanstalk is usually setup by default, but you didn't mention that in your question.