I have been trying to solve my issue for two days now. I have an ec2 instance (AMI) that is hosting a docker container that works well in http (http connection to my server). I have followed this tutorial for setting up the https (SSL/TLS) connection: set-up let's encrypt on my ec2 instance on my ec2 instance via let's encrypt (free SSL certificate). It seems to work because when I connect to http://conv.carbonfreeconf.com/ then it goes to https://conv.carbonfreeconf.com/ automatically (which is the desired behavior). However, when I try to connect to the container via the 7000 port in https (https://conv.carbonfreeconf.com:7000), it says: ERR_SSL_PROTOCOL_ERROR but it works via http.
Do you know why it does work via the normal URL but not once I connect to a specific port?
Any help is strongly appreciated...
Since I see this is also related to Convergence I will jump in here (one of the maintainers here). The issue is Apache httpd is a stand alone web server. You have it set up to serve on port 80 for http and 443 for https. The Apache server doesn't know about your docker container running on port 7000. By default the apache httpd server is just serving HTML files from its www
directory. The docker container running Convergence is a completely separate processes from apache. They are running on different ports and don't communicate by default. Simply installing apache and having it listen on port 80 and 443 won't help apply HTTPS to Convergence running on port 7000.
I see that you are using apache to get Let's Encrypt working for HTTPS Certificates. I assume what you want is for those HTTP Certificates to work for Convergence as well. If so, you need to set up Apache to be a reverse proxy. You'll likely want to use mod_proxy
for this. Check out the following link.
https://httpd.apache.org/docs/2.4/howto/reverse_proxy.html
Essentially, apache will accept the incoming traffic on port 443, and then forward the traffic (internally to the linux host) to port 7000 for Convergence. Depending on how you set this up, the current web content that apache is serving could either stay and still be there, or be replaced by what the docker container is server (or a combination of the two by useing path based routing).