I currently have a domain name "erp.example.com" that has its certificate on AWS Certificate Manager.
I also created a CloudFront distribution, used the certificate and connected it to an EC2 which has NGINX.
My EC2 has both HTTP and HTTPS ports (80 and 443) allowed in the inbound rules of the security group of the EC2.
Whenever I try to use the domain, the following error appears:
erp.example.com uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
It's worth mentioning that:
I don't use Route 53; I use a DNS that is outside AWS, and the components used in AWS are:
EC2
ACM
CloudFront
Whenever I try to connect to the EC2 using HTTPS and IPv4, the connection times out
Whenever I try to connect to the EC2 using HTTP and IPv4, the connection succeeds
NGINX doesn't listen for HTTPS requests explicitly
CloudFront redirects HTTP to HTTPS
I came across an answer that explains that NGINX should listen on port 443 to terminate the SSL, but how is that possible, since the SSL termination should happen at the CloudFront distribution and the certificate is in AWS Certificate Manager?
I have solved my problem using the following 2 steps: