0
votes

I'm new to SSL so sorry if this is obvious.

I have an EC2 instance running a Flask Python application. This application listens to port 443. I am trying to add SSL to it by going through Route 53 and ACM. I've created a certificate, but it doesn't allow me to assign it to my EC2 instance, so I've added an elastic load balancer in front, and assigned the SSL certificate to that. The balancer listens to HTTPS port 443 and forwards everything to a target group. The target group listens to port 443, which then forwards it to my Flask application. The problem is that my application receives an encrypted response, and I don't know how I'm supposed to decrypt it. I know how to retrieve the certificate, but I think I still need a key file to actually decrypt it as well.

1
You would not receive an "encrypted" response (I think you actually mean "request," but the point is the same) in this configuration. The balancer has the key and decrypts the traffic on the way to the instance. Perhaps you could show us something about what you are seeing and we could offer another explanation. – Michael - sqlbot

1 Answer

0
votes

The target group forwards the requests from the Load Balancer to the EC2 instances behind it. Your Flask app should listen on port 80 and serve unencrypted traffic.

So, the target group should point to port 80 (where your web server should listen).
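
The setup the answer describes, as an added example that is not part of the original answer: the load balancer terminates TLS, the app receives plain HTTP, and the client's original scheme arrives in the `X-Forwarded-Proto` header that an Application Load Balancer adds. It uses only the standard library with a stand-in WSGI app in place of the Flask app; the host name `app.example.com` and the names `ForwardedProto` and `simulate` are assumptions.

```python
from wsgiref.simple_server import make_server
from wsgiref.util import setup_testing_defaults


def app(environ, start_response):
    # Stand-in for the Flask app: it only ever sees plain HTTP from the target group.
    body = ("scheme=" + environ["wsgi.url_scheme"]).encode()
    start_response("200 OK", [("Content-Type", "text/plain"),
                              ("Content-Length", str(len(body)))])
    return [body]


class ForwardedProto:
    """WSGI middleware (hypothetical name): recover the client's scheme from X-Forwarded-Proto."""

    def __init__(self, wrapped):
        self.wrapped = wrapped

    def __call__(self, environ, start_response):
        # Use the last value: it is the one written by the nearest proxy.
        proto = environ.get("HTTP_X_FORWARDED_PROTO", "").split(",")[-1].strip().lower()
        if proto == "http":
            # The client reached the balancer without TLS: send it to HTTPS.
            host = environ.get("HTTP_HOST", environ["SERVER_NAME"])
            url = "https://" + host + environ.get("PATH_INFO", "/")
            start_response("301 Moved Permanently", [("Location", url), ("Content-Length", "0")])
            return [b""]
        if proto == "https":
            environ["wsgi.url_scheme"] = "https"
        # Header absent: leave the request untouched.
        return self.wrapped(environ, start_response)


def simulate(headers, path="/"):
    """Run one constructed request through the stack; return (status, headers, body)."""
    environ = {"PATH_INFO": path, "HTTP_HOST": "app.example.com"}  # constructed sample
    setup_testing_defaults(environ)
    environ.update(headers)
    seen = {}

    def start_response(status, response_headers):
        seen["status"], seen["headers"] = status, dict(response_headers)

    body = b"".join(ForwardedProto(app)(environ, start_response))
    return seen["status"], seen["headers"], body


if __name__ == "__main__":
    # Plain HTTP on the port the target group points at (binding to 80 needs root).
    make_server("0.0.0.0", 80, ForwardedProto(app)).serve_forever()
```

The header is only trustworthy when the instance's security group accepts traffic from the load balancer alone, since any client that can reach the instance directly can set it. In a real Flask app, Werkzeug's `ProxyFix` middleware (`app.wsgi_app = ProxyFix(app.wsgi_app, x_proto=1)`) covers the scheme handling.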