I have placed my instances behind an ALB that has an ACM provided SSL certificate configured with it. However, when I browse to the web page (that I have configured via Route53's alias record to the App Load Balancer), it says that my connection is not secure. What am I doing wrong here? Do I need to configure Apache somehow?
I got help from the following site. Added the code below to an .htaccess file that I placed at the app root, i.e., /var/www/html.
Caveat: Be aware that even though my app was running behind a load balancer, .htaccess is disabled by default in EC2 as a security measure and therefore needs to be be enabled by editing etc/httpd/conf/httpd.conf, where you change AllowOverRide = None to AllowOverRide = All
Code for .htaccess:
# Begin force ssl
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{SERVER_PORT} 443
RewriteRule ^(.*)$ https://your-domain/$1 [R,L]
</IfModule>
Restart apache once you've got this in there. sudo service httpd restart.
If it still doesn't work, clear browser cache. If it doesn't work for www.your-domain.com, it is quite possible that you ordered the certificate for your-domain.com only. Make a new certificate (they are free), with both names added to it.