Ad

Target Group 443 Gives Health Checks Failed With These Codes: [502]

I wanted to deploy a Laravel website to amazon, so I did the following steps:

  • Deployed the Laravel App using Elastic Beanstalk
  • Configured Route:53 A instance to point to the Ip of Ec2
  • Created Application Load Balancer with two listeners one at 80 and one at 443
  • Created 2 target groups Tg80 and Tg443 and designate the listener respectively
  • Note that Tg443 has a valid SSL certificate

  • Changed the security group of the Ec2 to be the Load balancer's one

  • Changed the A instance in Route:53 to be the load balancer's

**Results: **

  • The site works perfectly on port 80 with http, same for health check, and I can acces the site normally from any browser

  • The site returns [502 Bad Gateway] on https:443

  • In (After ssh to instance) /var/log/httpd/error_log I have the following error /var/www/html/.htaccess: RewriteCond: bad flag delimiters

So, I tried, According to the link enforce-https-laravel:

  • To configure .htaccess in the laravel app as said in the link, refreshed everything `php artisan config:cache, retried health check but Same Results

  • The I deleted .htaccess and configured app/Providers/AppServiceProvider.php:

    use Illuminate\Contracts\Routing\UrlGenerator; 

    public function boot(UrlGenerator $url)
    {
       if(env('ENFORCE_SSL', false)) {
         $url->forceScheme('https');
       }
    }
  • And added ENFORCE_SSL=true in .env and then php artisan config:cache as said in the same link it is a newer way than .htaccess.

But Same Results

I don't know what to do net or how to fix this.I want to be able to access the site with ssl. Please Help. Thank you.

enter image description here

Ad

Answer

Based the comments, the issue was that the health checks were set to use HTTPS between ALB and EC2. However, since ALB terminates the SSL connections, all traffic between ALB and EC2 is in HTTP, not HTTPS.

Therefore, the solution to not working health checks was to use HTTP for them, rather then HTTPS.

Ad
source: stackoverflow.com
Ad