Why Can I not connect to my website running on EC2 with https?


The web service is running in a container. The following is part of my docker-compose.yml.

      - 80:8080
      - 443:8080

I also created a certificate for my domain name, and configure the inbound rules for both https with port 443 and http with port 80. Currently I can open my website through http://my_domain_name successfully, but can not through https://my_domain_name

The following is the response after I run "telnet my_domain_name 443" with my local laptop.

Trying <my elastic IP>...
Connected to my_domain_name.
Escape character is '^]'.

What is the reason? How can I check it and fix it? Thanks.

  • Where did you create the certificate?

asked a year ago679 views
1 Answer

You can’t have http and https on the same port. Your docker configuration has port 80 and 443 going to port 8080.

You’ll need ssl running on its own port on the web server side.

What you could do is have an alb with ssl setup on it and this ec2 in the target group forwarding to port 80.

Https will run on load balancer.

If you don’t want an alb, you’ll need to install the ssl cert in the container and setup a 2nd port for https

profile picture
answered a year ago
  • Hi Gary, Thanks for your answer. Thanks for your knowledge sharing. Actually I did not know this knowledge point. I created an application load balancer for the VPC of my EC2 instance, but still the same error I can't visit my website through https. Can you give me more suggestions? Do I need configure more? Thanks. I am newcomer of AWS, know almost nothing about AWS, at the same time, I also feel the document of AWS is too difficult to grasp the critical point.

  • No worries.

    You will need an internet facing load balancer in a public subnet. This has a route to an internet gateway.

    You’ll need a acm certificate and assigned to the load balancer on port 443

    You will need a target group with your ec2 as and instance using port 80 as the health check.

    A rule will need to be created on the load balancer to send traffic to the target group

    You’ll need a security group on the load balancer allowing to port 443

    You’ll need a security group on the ec2 allowing access to port 80 from the load balancer security group

    Dns will need to point to your load balancer.

    Aws is very granular and you have to setup Everything you’ll need.

  • Thanks for your reply in details. According to my understanding, I think I have done all these steps. "Health check" of my load balancer is also OK. But still I can't access my website running on EC2. Probably there is a configuration error somewhere.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions