如何在 AWS Elastic Beanstalk 上强制使用 HTTPS
Posted
技术标签:
【中文标题】如何在 AWS Elastic Beanstalk 上强制使用 HTTPS【英文标题】:How to Force HTTPS on AWS Elastic Beanstalk 【发布时间】:2018-06-18 00:30:15 【问题描述】:使用具有 nginx 负载均衡器的 Elastic Beanstalk 强制 http 到 https 的最佳方法是什么? Https 适用于我从 AWS Certificate Manager 收到的证书的应用程序,我只是希望它确保始终使用 https。似乎应该已经内置到 AWS 中。任何帮助表示赞赏。
【问题讨论】:
我也遇到了这个问题。尝试了数十种解决方案,但似乎都没有奏效。如何确定.elasticbeanstalk/[filename].config
文件是否实际被加载和使用?
【参考方案1】:
在您的 ebextensions 中创建一个以 .config 结尾的文件并将以下内容添加到其中
files:
/etc/nginx/conf.d/proxy.conf:
owner: root
group: root
mode: "000644"
content: |
upstream nodejs
server 127.0.0.1:8081;
keepalive 256;
server
listen 8080;
if ($time_iso8601 ~ "^(\d4)-(\d2)-(\d2)T(\d2)")
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
access_log /var/log/nginx/access.log main;
location /
set $redirect 0;
if ($http_x_forwarded_proto != "https")
set $redirect 1;
if ($http_user_agent ~* "ELB-HealthChecker")
set $redirect 0;
if ($redirect = 1)
return 301 https://$host$request_uri;
proxy_pass http://nodejs;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
gzip on;
gzip_comp_level 4;
gzip_types text/html text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
/opt/elasticbeanstalk/hooks/configdeploy/post/99_kill_default_nginx.sh:
owner: root
group: root
mode: "000755"
content: |
#!/bin/bash -xe
rm -f /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf
service nginx stop
service nginx start
container_commands:
removeconfig:
command: "rm -f /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf /etc/nginx/conf.d/00_elastic_beanstalk_proxy.conf"
source
您可以阅读更多关于 ebextensions here
【讨论】:
以上是关于如何在 AWS Elastic Beanstalk 上强制使用 HTTPS的主要内容,如果未能解决你的问题,请参考以下文章
如何在 AWS Elastic Beanstalk 上修改 Nginx 配置
如何在 AWS Elastic Beanstalk 上设置 HTTPS
如何在 AWS Elastic Beanstalk 上设置 HTTPS
如何在 AWS Elastic Beanstalk 中更改数据库配置