SSL converted page is not reachable on the internet

Solution 1:

  • Try a curl to the AWS IP: curl -k -vv https://<your aws ip>.

  • If it works, try the same thing using the hostname. If this time it doesn't work, it's a DNS issue.

  • Check if there's some firewall inside the VM. For example: iptables -L -v -n. You may have some firewall rules preventing most IPs from accessing your web server.

  • Check if there's some ACL on the web server itself. Web servers can be configured to ignore requests coming from certain IP addresses. If you're using Apache, check the Require lines in your configuration.

As a general rule, you can run a tcpdump -nni any port 443 on the server (you may have to install tcpdump) and repeat your test. Tcpdump basically collects and displays the actual packets involved, so if you try and some packets reach the server on port 443, it means nothing outside the VM blocked it and the issue probably is server-related. If, on the other hand, you don't see any packets, it means something else is blocking you from accessing the web server.

EDIT

If you have a load balancer, ensure it is correctly pointing to the 443 port of the backend server(s). If not, traffic reaching the load balancer may be redirected to another port (80?) where HTTPS is not supported, which can "break" your connection.
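
The checks in the answer above can be run one layer at a time from the client side. The following is an added example, not part of the original answer: the function name probe_https and its stage labels are made up for illustration, and it reports the first layer that fails (DNS, TCP connect, or TLS handshake).

```python
import socket
import ssl
import sys


def probe_https(host, port=443, timeout=5.0):
    """Return (stage, detail): the first layer that failed, or 'ok'."""
    # Stage 1, DNS: failing here while the bare IP works is the DNS case.
    try:
        family, _, _, _, addr = socket.getaddrinfo(
            host, port, type=socket.SOCK_STREAM)[0]
    except socket.gaierror as exc:
        return "dns", str(exc)

    # Stage 2, TCP: a refusal means nothing listens on the port (or a REJECT
    # rule answered); a timeout usually means packets are silently dropped.
    sock = socket.socket(family, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect(addr)
    except ConnectionRefusedError as exc:
        sock.close()
        return "tcp_refused", str(exc)
    except socket.timeout as exc:
        sock.close()
        return "tcp_timeout", str(exc)
    except OSError as exc:
        sock.close()
        return "tcp_error", str(exc)

    # Stage 3, TLS: certificate checks are off, like curl -k, so only the
    # handshake is tested. A plaintext listener behind the port (for example a
    # load balancer forwarding to port 80) fails here.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return "ok", tls.version()
    except (ssl.SSLError, OSError) as exc:
        sock.close()
        return "tls", str(exc)


if __name__ == "__main__":
    # Usage: python <this script> <ip-or-hostname> [port]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    print(probe_https(sys.argv[1], target_port))
```

Run it once against the IP and once against the hostname, with tcpdump running on the server, to see whether the failing stage matches what reaches port 443.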