I am deploying a Laravel application using AWS ECS, but I am having trouble with a 503 error occurring over HTTPS connections. Below are the current settings and issues.
Environment:
- AWS ECS on EC2 instances
- SSL termination by ALB (Application Load Balancer)
- SSL certificate by ACM (AWS Certificate Manager)
- Apache server operating within a Docker container

Issues:
The application can be accessed normally over HTTP (port 80), but attempting to access over HTTPS (port 443) results in a 503 Service Unavailable error. The ALB listener is set up for both ports 80 and 443, handling HTTP requests on 80, and HTTPS requests on 443.

Tried:
- The ALB health check is set for port 80 and the status is healthy.
- Security groups are open for both ports 80 and 443.
- The Dockerfile is set with EXPOSE 80.
- The Laravel TrustProxies middleware appears to be set up correctly.

Questions:
- What could be the possible reasons for a 503 error when connecting via HTTPS?
- Are there any potential oversights in the ECS task definition or Docker container configuration that I might have missed?

Additional Information:
I will provide details such as the Dockerfile, ECS task definition, ALB listener settings, etc., as needed.
I would appreciate any insights or suggestions to resolve this issue. Thank you.
Dockerfile
FROM --platform=linux/x86_64 php:8.2-apache
WORKDIR /var/www/html
RUN apt-get update && apt-get install -y \
libzip-dev \
&& docker-php-ext-install zip pdo_mysql
COPY --from=composer /usr/bin/composer /usr/bin/composer
ENV COMPOSER_ALLOW_SUPERUSER 1
ENV COMPOSER_HOME /composer
EXPOSE 80
COPY . /var/www/html
COPY docker/8.2/000-default.conf /etc/apache2/sites-available/000-default.conf
COPY docker/8.2/start-container /usr/local/bin/start-container
RUN chmod +x /usr/local/bin/start-container
CMD ["start-container"]
000-default.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/public/
<Directory /var/www>
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
start-container
#!/usr/bin/env bash
composer install
chmod 777 -R /var/www/html/storage/
a2enmod rewrite
apache2-foreground
> The ALB listener is set up for both ports 80 and 443, handling HTTP requests on 80, and HTTPS requests on 443.

It sounds like you may have the HTTPS port 443 listener on the load balancer forwarding traffic to port 443 on your container. Since the SSL certificate exists on the load balancer, the SSL connection is terminated at the load balancer. Your container is only listening on port 80. The HTTPS port 443 listener needs to forward traffic to port 80 on your container, just like the port 80 listener forwards traffic to port 80 on your container.
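
An added example, not part of the original question or answer: a Python check over data shaped like the output of `aws elbv2 describe-listeners` and `aws elbv2 describe-target-groups` that flags any listener whose default forward action points at a target group not matching the container's HTTP port 80. The ARNs, target group names and sample data are constructed, and it assumes targets are registered on the target group's own port (no dynamic host port mapping).

```python
# Constructed sample data (not from the question), shaped like the "TargetGroups" and
# "Listeners" arrays returned by the AWS CLI elbv2 describe-* commands.
TG_HTTP = "arn:aws:elasticloadbalancing:us-east-1:111122223333:targetgroup/app-http/1111111111111111"
TG_HTTPS = "arn:aws:elasticloadbalancing:us-east-1:111122223333:targetgroup/app-https/2222222222222222"
TARGET_GROUPS = [
    {"TargetGroupArn": TG_HTTP, "TargetGroupName": "app-http", "Protocol": "HTTP", "Port": 80},
    {"TargetGroupArn": TG_HTTPS, "TargetGroupName": "app-https", "Protocol": "HTTPS", "Port": 443},
]
LISTENERS = [
    {"Port": 80, "Protocol": "HTTP",
     "DefaultActions": [{"Type": "forward", "TargetGroupArn": TG_HTTP}]},
    {"Port": 443, "Protocol": "HTTPS",
     "DefaultActions": [{"Type": "forward", "TargetGroupArn": TG_HTTPS}]},
]


def forward_arns(action):
    """Target group ARNs a forward action sends traffic to (single or weighted form)."""
    if action.get("Type") != "forward":
        return []
    weighted = action.get("ForwardConfig", {}).get("TargetGroups", [])
    arns = [tg["TargetGroupArn"] for tg in weighted]
    if not arns and "TargetGroupArn" in action:
        arns = [action["TargetGroupArn"]]
    return arns


def mismatched_listeners(listeners, target_groups, container_port=80, container_protocol="HTTP"):
    """Return (listener_port, target_group, detail) for forwards the container cannot serve.

    Only default actions are inspected; listener rules are out of scope here.
    """
    by_arn = {tg["TargetGroupArn"]: tg for tg in target_groups}
    findings = []
    for listener in listeners:
        for action in listener.get("DefaultActions", []):
            for arn in forward_arns(action):
                tg = by_arn.get(arn)
                if tg is None:
                    findings.append((listener["Port"], arn, "target group not found"))
                elif (tg["Protocol"], tg["Port"]) != (container_protocol, container_port):
                    detail = f"{tg['Protocol']}:{tg['Port']}"
                    findings.append((listener["Port"], tg["TargetGroupName"], detail))
    return findings


if __name__ == "__main__":
    for port, name, detail in mismatched_listeners(LISTENERS, TARGET_GROUPS):
        print(f"listener {port} -> {name} ({detail}), but the container serves HTTP:80")
```

With the sample above, only the 443 listener is reported; pointing it at the same HTTP:80 target group as the port 80 listener clears the finding.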