Redirect to SSL


#1

Instead of necro-bumping I want my app to always use HTTPS on AWS EB production deployment - can you help me use the force-ssl package? There seems a ton of confusion over “force-ssl” package and more importantly how to use it!

I was wondering if it is to redirect to SSL on the server side like I achieve with Apache httpd like so:

RewriteRule . https://%{HTTP:Host}%{REQUEST_URI} [L,NE,R=permanent]

Btw I am using https://github.com/CyCoreSystems/docker-meteor/blob/master/entrypoint.sh and hosting on AWS ECS.

Thanks in advance!


#2

Since the container runs meteor on port 3000, wouldn’t it be best to do the SSL termination in an nginx container and proxy the request to the Meteor app?

ie. just like in a non-docker environment?


#3

Well on AWS, there is a ALB (load balancer) on port 80 and 443 pointing to 3000. I need the node.js app (server side) to detect a port 80 connection and permanently redirect to 443.

No need for nginx.


#4

@hendry

Did you find a solution for this? Experimenting with AWS and figuring out the easiest way to force https

Edit - I should say ‘recommended’ way vs easiest.

Force http package seems easy enough


#5

To answer my own question, in case anyone else is looking:

  1. Open up your load balancer under EC2 (assuming that’s what you are using)
  2. Modify the default listener for Port 80 to direct to Port 443

As per the docs here:
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#redirect-actions
Good screenshot here