How to troubleshoot unhealthy status code in AWS target group

0
votes

I created application load balancer and assigned a target group which contains two EC2 instances, i am using only https traffic to flow through ALB as i am using SSL certificate from ACM but my target group health check fails. So far i done the following

  1. index.html is in root dir /var/www/html
  2. apache is running as i can hit the server ip to view the web page
  3. http works perfectly fine using ALB
  4. 443 instance shows unhealthy
  5. Same ssl certificate when i used in classic load balance worked fine to route SSL traffic, so the certificate is fine Something going wrong in application load balancer only
  6. security group allows 443 traffice for both instances and ALB.
  7. Same instance if i put in http target group becomes healthy
  8. Both ec2 if i remove from http target group and assign to ssl target group becomes unhealthy

Thanks

1
amazon-web-servicessslamazon-ec2

1 Answers

5
votes

The SSL certificate is on the load balancer. The connection between the load balancer and the EC2 instance cannot be HTTPS because the SSL certificate is not on the EC2 server. You cannot use a target group configured for HTTPS via port 443 with your SSL configuration. You will need to continue using a target group configured for HTTP.