Now I am migrating a client site to AWS. Everything is set up and working for me, except that the client would like to accept payments on the website. I followed a few guides on how to get SSL to work using an elastic beanstalk. Currently, I configured it to use the source package, and I created a configuration file in a .ebextensions file that looks like this:
Resources: sslSecurityGroupIngress: Type: AWS::EC2::SecurityGroupIngress Properties: GroupName: {Ref : AWSEBSecurityGroup} IpProtocol: tcp ToPort: 443 FromPort: 443 CidrIp: 0.0.0.0/0 packages: yum: mod24_ssl : [] files: /etc/httpd/conf.d/ssl.conf: mode: "000755" owner: root group: root content: | LoadModule ssl_module modules/mod_ssl.so Listen 443 <VirtualHost *:443> <Proxy *> Order deny,allow Allow from all </Proxy> SSLEngine on SSLProtocol All -SSLv2 -SSLv3 SSLCertificateFile "/etc/pki/tls/certs/server.crt" SSLCertificateKeyFile "/etc/pki/tls/certs/server.key" ProxyPass / http://localhost:80/ retry=0 ProxyPassReverse / http://localhost:80/ ProxyPreserveHost on LogFormat "%h (%{X-Forwarded-For}i) %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" ErrorLog /var/log/httpd/elasticbeanstalk-error_log TransferLog /var/log/httpd/elasticbeanstalk-access_log </VirtualHost> /etc/pki/tls/certs/server.crt: mode: "000400" owner: root group: root source: sourceHere /etc/pki/tls/certs/server.key: mode: "000400" owner: root group: root source: sourceHere
where sourceHere is a link to a file in S3, I also tried to use the content directly instead of the source, but the result is the same, the application starts without any errors, but any attempts to connect to the IP address or the provided URL just say that the page is inaccessible . If I create the same zip file, but do not leave the configuration files that it builds correctly. This is pretty much what AWS has on the support page and in the documentation for Elastic Beanstalk, so I'm not sure what is going on.
source share