Listening on SSL with node.js on AWS Beanstalk

Problem

I have a node.js app running fine on Beanstalk but now I'm trying to set it up to use an SSL certificate to allow https access. However, any configuration settings I try to use apart from the default listening on port 80 causes the whole app (on http and https) to become unreachable.

If I keep running the same app (listening on process.env.PORT) but change the load balancer settings to listen on port 443 as well as port 80 then neither are accessible.

I've also tried changing the app so that it's using the node https server package instead of http but that makes no difference. Telling the load balancer to only listen on port 443 doesn't work either.

From what I can gather, setting it to allow ports 80 and 443 makes the load balancer forward both to the same port 8080 (which is given by process.env.PORT in the app) - is this correct? If so then what do I need to change on the app side to make it work when it should already be listening to the correct port?

Problem courtesy of: af.

Solution

I managed to fix this by following advice over at the AWS forums: https://forums.aws.amazon.com/thread.jspa?messageID=463043

I needed to change the security group that the load balancer uses (the one that is automatically created and has the description ELB created security group used when no security group is specified during ELB creation - modifications could impact traffic to future ELBs).

The load balancer should already be allowing HTTP traffic on port 80 from source 0.0.0.0/0 and you have to add HTTPS traffic on port 443, also from 0.0.0.0/0, to allow HTTPS traffic. This can be done in the Security Groups section of the EC2 Management Console.

Then listen to port 8080 in your Node.js app, and your content can be accessed over both HTTP and HTTPS.

Solution courtesy of: af.

Discussion

There is currently no discussion for this recipe.

This recipe can be found in it's original form on Stack Over Flow.