Enabling HTTPS and HTTP with Elastic Beanstalk application


We are trying to set up HTTPS access to our website that is being deployed using Elastic Beanstalk.

Here are the steps that we have taken:

  1. Obtained a certificate from Amazon Certificate Manager.
  2. In our EB application environment, under Configuration, we have added another listener to the Classic Load Balancer. The setting for this new listener is this:
  3. Since adding this new listener created another Security Group that has an Inbound rule for 443, that security group was added to the instance.
  4. Finally, we went to the Load Balancers page, and for the load balancer for this app, we added another listener with these settings:

But we are still unable to access our website through https. Any idea what else needs to be done?

Another point. In Step #4, if only 443 load balancer port is present with these settings:

then, the website is accessible through only https and not http.

So this tweak indicates that there is no problem with the certificate.

What are we missing in our configuration?


If you assign a certificate to the listener in your EB setup, by default it is assigned to the Load Balancer. The Load Balancer terminates the HTTPS connection from the internet, and communicates with the instances using HTTP (no encryption). Therefore you would need to open up port 80 unencrypted to the instances from the load balancer.

If you must have end-to-end encryption to your instances, you need to configure your EB environment to pass HTTPS straight through the Load Balancer:


Use this configuration file with a Classic Load Balancer. In addition
to configuring the load balancer, the configuration file also changes
the default health check to use port 443 and HTTPS, to ensure that the
load balancer can connect securely.

Update your Security Group config for your instances:


And configure the certificate on the instances, which can be a self signed cert:


See a more detailed rundown with options for different types of load balancers here.

Leave a Reply