i using elastic beanstalk and added successfull a letsencrypt https cert yesterday. but now, my custom health check is set my systemstatus to red.
if i remove the ssl config (all properties with namespace ""namespace:aws:elb:listener:443"). the healthcheck it's working.
it's not a port problem, i allowed public access to the port temporally.
what do i forget ?
Thanks Marcel
my ebextension config is this:
Resources:
healthPort:
Type: AWS::EC2::SecurityGroupIngress
Properties:
GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
IpProtocol: tcp
ToPort: 7979
FromPort: 7979
SourceSecurityGroupName: { "Fn::GetAtt": ["AWSEBLoadBalancer", "SourceSecurityGroup.GroupName"] }
option_settings:
- namespace: aws:elasticbeanstalk:application
option_name: Application Healthcheck URL
value: HTTP:7979/health
option_settings:
- namespace: aws:elb:listener:80
option_name: ListenerEnabled
value: true
- namespace: aws:elb:listener:80
option_name: ListenerProtocol
value: HTTP
- namespace: aws:elb:listener:80
option_name: InstancePort
value: 80
- namespace: aws:elb:listener:80
option_name: InstanceProtocol
value: HTTP
- namespace: aws:elb:listener:443
option_name: ListenerEnabled
value: true
- namespace: aws:elb:listener:443
option_name: ListenerProtocol
value: HTTPS
- namespace: aws:elb:listener:443
option_name: InstancePort
value: 80
- namespace: aws:elb:listener:443
option_name: InstanceProtocol
value: HTTP
- namespace: aws:elb:listener:443
option_name: SSLCertificateId
value: xxx
The problem was the ELB hasn't the right to connect to the 7979 Port. I don't know why it just happend, if i enable ssl but now it works.