By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Hi. I need help ASAP for a 502 error connecting the CloudFront - CloudFront wasn't able to connect to the origin.

0

Hi. For your information, my technical knowledge on AWS is poor as I am not a engineer of any sort and do not know how to code but I need help with this ASAP. My certificate had expired before and I requested a new one. When the certificate was issued, I connected it to a new cloud front distribution using a EC2 instance as my origin however I keep getting a 502 error. Bear in mind, someone else owned this AWS account before me and I cannot contact them on how everything is setup. For someone that understands website deployment, this should be easy but I am clueless when it comes to anything related to coding. If anyone can help, please reach out. Any help would be greatly appreciated!

2 Answers
1
Accepted Answer

Hi, The general traffic path for what i think you are running is:

Cloudfront->application load balancer (ALB) -> EC2 virtual machine

What I'm guessing you have done is replace the certificate just in the EC2 machine and nothing else has changed?

If thats the case then the certificate must be the likely problem here - is the name on the certificate exactly the same as it was before? Does the certificate include any root/intermediate certificates in it (appreciate that may not make sense to you - but it's basically the 'parent' certificate that is trusted that approves your child certificate. Easiest way to tell if that may be the case is to check the old/new certificate file sizes - are they about the same?

Did the certificate import OK into your webserver on EC2? you using IIS?

Are you able to browse to the website OK directly on the local EC2 machine - does the certificate show warnings there?

Cheers, Rich

AWS
answered 2 years ago
profile picture
EXPERT
reviewed 5 months ago
profile picture
EXPERT
reviewed 8 months ago
  • Hi Rich, Thanks for your answer. Foe your information, the name on the certificate is exactly the same as the last one. Also I cannot check the sizes of the certificate and there seems to be no intermediate certificates in it. I am not using IIS and the certificate did import ok into the web server. When you go through the ec2 machine, It does show warnings there. I went on a SSL check and put the domain name in (unisalad.com) and everything seemed to be working good. I was told by someone that the traffic path that supposed to be taken is through AWS S3 but this doesn't make sense. Can you try to make any sense of it please? Thanks again.

0

Hi again, What are the warnings being shown in the browser on the EC2 machine? - that's maybe going to give us the biggest clue what is wrong.

In terms of S3 - it is possible to have cloudfront pointing at S3 and run the website from there (can only be static content though - so nothing more than fairly simple content with no real user interaction). The fact that you are replacing a previous cert in EC2 would seem to rule that out that as being used though (although there could be other content it's pulling in from there that would not cause cloudfront to behave like this).

You can confirm for certain what cloudfront is pointing at that by going into the AWS console searching for 'cloudfront' - once you find that click on distributions (I'm hoping you just have 1) - and then click on the origins tab - this will show you where it's pointing at (EC2 - via an ALB or S3).

Cheers, Rich

AWS
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions