How to set up Nginx with HTTPS on EC2 instance with ELB and ACM
I have set up a EC2 instance on which I have installed a flask API that runs using Gunicorn and Nginx as a reversed proxy. I wanted to run it with https protocole, so I bought a domain name via OVH and I asked a certificate via AWS Certificate Manager, which had then been validated. So I set up an Elastic Load Balancer to be able to use this newly certificate. However, I do not know how to modify my Nginx configuration file.
For now it is this one :
server {
listen 443 ssl;
server_name <my domain name>;
location / {
proxy_pass http://unix:<path to the gunicorn socket>;
}
}
However, with this configuration, I cannot start Nginx since there is no SSL certificate specified. But as you know, with AWS Certificate Manager, it is not possible to download any certificates, that's why I set up an ELB.
So how can I solve my issue ?
EDIT
I changed my Nginx configuration file to :
server {
listen 80;
server_name <my domain name>;
location / {
proxy_pass http://unix:<path to the gunicorn socket>;
# Configurations supplémentaires
}
}
I also added an entrant rule on port 80 for the EC2 instance.
Here are the listeners I created for the ELB :
And here is the target group :
With its saved targets :
And its healthcheck settings :
However, as you can see, the health status of the instance resulted in unhealthy, and I do not know why. Besides, with the adding of the ELB, I do not know if I should keep the line server_name <my domain name> in the Nginx configuration file or if I should change it to server_name <public IP of EC2 instance>
First, you create an Aplication Load Balancer (ALB). Then create a HTTP Listener on port 80 and add a default rule to redirect traffic to HTTPS on port 443. Create an additional HTTPS listener on port 443. Set the default action to forward all traffic to a target group. Specify the ACM certificate that was created for your domain as the default SSL certificate. Create and gonfigure the target group on port 80. Add your instance to the target group and set up your app to listen on port 80.
- Using forward slash (`/`) in key of a RedisJSON object on Amazon Elasticache
- How to increase aws dynamodb index limit from 5
- Does Amazon Lightsail have remote desktop (GUI) with their Linux offering?
- Why does Runtime.maxMemory() change its value on separate calls?
- Appsync Query Returning Null with Cognito Auth
- AWS CLI S3 A client error (403) occurred when calling the HeadObject operation: Forbidden
- How to extract files from a zip archive in S3
- Copy Aws launch template to another region
- AWS S3 upload fails: RequestTimeTooSkewed
- Simplest way to automate starting of EC2 daily
- How to pass API Gateway authorizer context to a HTTP integration
- How to use AWS CLI to deploy lambda function to specific alias or version?
- Exporting data from dynamo db to a csv file
- Amazaon S3Client can list buckets, but throws an UnknownHostException when trying to do a putObject
- No integration defined for method - Choose a stage where your API will be deployed
- Using SNS to send push notifications - Expo App
- CodePipeline buildspec and multiple build actions
- Why can't an AWS lambda function inside a public subnet in a VPC connect to the internet?
- Lambda@Edge not logging on cloudfront request
- Vue is not picking up env variables from aws ecs task container
- AWS CLI cloudformation validate-template success but getting error during create-stack
- The term 'Events:' is not recognized in cloudformation template in AWS
- AWS Lambda function and S3 - change metadata on an object in S3 only if the object changed
- Cloudformation : Encountered unsupported property DeletionPolicy on S3 Bucket
- Error in CloudFormation Stack: Syntax errors in policy. (Service: AmazonIdentityManagement; Status Code: 400;
- Template format error: Unresolved resource dependencies [subnet-057ba3df40f87da4e] in the Resources block of the template
- Encountered unsupported property Version
- While deploying an efs stack i get the following error
- Invalid request provided: AWS::ElasticLoadBalancingV2::ListenerRule Validation exception
- aws cloudformation - Encountered unsupported property RequestValidatorId