I deployed my NodeJS/Express app on AWS Beanstalk. The current config is :
Environment type: single instance
EC2 instance type: t2.micro
Node.js version: 10.15.0
No load balancer
Proxy server : Nginx
When deployed it gives me a URL http://<app-name>.<server-location>.elasticbeanstalk.com/
I tested (using Postman) my authenticate API with the URL - http://<app-name>.<server-location>.elasticbeanstalk.com/users/authenticate and it gives me the status code of 200 OK and is working fine.
When I use HTTPS instead of HTTP it doesn't work as expected. In postman I get below error:
There was an error connecting to https://<app-name>.<server-location>.elasticbeanstalk.com/users/authenticate
I have my frontend deployed on netlify and when I trigger the same request from my Web application it gives me below error :
The page at 'https://<app-name>.netlify.com/login' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://<app-name>.<server-location>.elasticbeanstalk.com/users/authenticate'. This request has been blocked; the content must be served over HTTPS.
I understand that since my request is coming from https I need to have my backend configured to have https listener. I am not sure as to how I can accomplish this in AWS Beanstalk where I don't have a Load balancer and my env type is a single instance.
I am new to AWS. Appreciate your help. Thanks!
You'll need to add an .ebextension config file to:
Allow 443 traffic in your Security Group
Install the ssl package
copy the certificates from the application package to the ssl dir. (certificates can be created in the certificate manager) or paste them in the config file
edit nginx config
Here is an example
https://edwardsamuel.wordpress.com/2015/07/17/enable-https-and-http-redirect-on-aws-elastic-beanstalk/
Related
I'm building a distributed web app designed to be hosted on IPFS. I want to do development in a web browser, using my local gateway to serve my files, but I use Javascript APIs that are not permitted without being served off HTTPS.
I tried starting a reverse proxy with self-signed ssl pointing at my local IPFS http gateway, but when I visit links using the reverse proxy, say https://___hashhere___.ipfs.localhost:8081/, I'm redirected to http://___hashhere___.ipfs.localhost:8080/:
GATEWAY_PORT=$(ipfs config Addresses.Gateway | cut -d'/' -f 5)
HTTPS_PORT=$((GATEWAY_PORT+1))
echo "https proxy to your ipfs gateway now at: https://localhost:$HTTPS_PORT"
exec npx local-ssl-proxy --source $HTTPS_PORT --target $GATEWAY_PORT
How can I run a local https+ipfs gateway in a command or two? I guess I need a reverse proxy that rewrites URLs in responses?
If you use Chromium-based browser, then http://___hashhere___.ipfs.localhost:8080/ will have window.isSecureContext set to true and you will have access to all Web APIs. No need for TLS setup for dev on localhost with Chromium (Firefox has a bug).
If you are running IPFS Companion, you may want to disable it when you develop your app, to ensure requests for IPFS resources are not redirected to the gateway set in browser extension's Preferences.
In production, you deploy go-ipfs behind a reverse proxy and that proxy terminates TLS. You can control the protocol scheme and host used in some of redirects via X-Forwarded-Proto and X-Forwarded-Host headers, as noted in go-ipfs/docs/config.md
I have hosted a nodeJS application on AWS ec2 instance which I can access through ssh but not through my browser i.e, http.
There is no error logged on the console it only shows the following message in the browser:
"unable to connect"
I am aware about security groups and checked them twice I've included http as well as https properly. Please help
Did you configure a web server to direct the requests from the AWS URL to the nodejs application you are running?
Try checking out nginx (https://www.nginx.com/), its really easy and fast to cofigure.
Here is a minimal configuration template:
server {
listen 80;
server_name <aws-url>;
location / {
proxy_pass 127.0.0.1:<node-port>;
}
}
I have deployed a node.js app to Elastic Beanstalk. When I try to access the page via HTTP: everything works fine. when I try to access via HTTPS: I get a refused to connect error. I have followed the instructions on
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-nodejs.html
I created a .ebextensions folder and my https-instance-single.config looks like:
Resources:
sslSecurityGroupIngress:
Type: AWS::EC2::SecurityGroupIngress
Properties:
GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
IpProtocol: tcp
ToPort: 443
FromPort: 443
CidrIp: 0.0.0.0/0
I have uploaded and deployed the new zip file with these included and still the same thing. I can access via HTTP but not via HTTPS.
Any help would be greatly appreciated.
I would suggest you use LetsEncrypt for Elastic Beanstalk single instance. According to your current configuration, its only open port 443 to serve HTTPS but you are not pointing to certificate. This is the tutorial for LetsEncrypt SSL on Elastic Beanstalk:
https://www.tutcodex.com/ssl-on-single-instance-elastic-beanstalk-tutorial/
I want to deploy a mern project on ssl. Currently it is running on server with ip address but when I deploy it on ssl it is not running. It is working fine on http.
I have change on node modules transport-node and make it http to https.
1-I am using nginx as proxy server
When I deploy on ssl it give error:-
1-emitter.js?8a6f:50 OPTIONS https://privateIp:port/ net::ERR_SSL_PROTOCOL_ERROR
2-websocket.js?0f24:6 WebSocket connection to 'ws://privateip/sockjs-node/831/bocznd0p/websocket' failed: Error during WebSocket handshake: Unexpected response code: 400
3- your request is http,while it is require https.(handshake problem)
I have an existing ssl certificate through LetsEncrypt for my domain. On the same server as my site I have an express app running at port :8080. Before adding the SSL to the domain I was able to make requests to http://domainname:8080.com. Now that the domain making the requests is https it obviously can't make those requests. If I instead make requests to https://domainname:8080.com, I get no response and instead get a timeout error.
I have attempted to curl -X -POST on the server manually and it returns (35) gnutls_handshake() failed: The TLS connection was non-properly terminated. If I however run the same command pointing to the non https domain it executes correctly. I also tried installing the https modules for express and pointing it to the same certs I'm using for the domain. For all my effort I cannot get this to work. What am I missing here? I want to make requests to a port on the same server that is serving my app.
Setup a reverse proxy in my nginx site config from the domain to the ip address the express server was running on. This solved all the issues I was having.