Trying to configure HTTPS on a AWS Beanstalk Single Instance, getting refused to connect

I'm trying to get HTTPS working on a AWS Beanstalk Python/Django Single instance environment. I've worked through several issues but now I'm stuck, the build deploys and the site works on HTTP, but on HTTPS I get ERR_CONNECTION_REFUSED and nothing appears in the logs that I can see.

Started with the directions here:

The first issue I ran into was a deployment error

Unhandled exception during build: Yum does not have mod24_ssl available for installation

and based on this post, I modified it to mod_ssl and that fixed it.

The second issue I ran into was another deployment error

Command 01killhttpd failed

, so I removed those commands based on this post.

This was successful in getting the environment to deploy and it works with HTTP, but with HTTPS I just get a refused connection and I can't figure out why. I've poured through the logs several times and see nothing. Here are the full logs. Any help is greatly appreciated.

Here are the two files I have created under .ebextensions folder:


    mod_ssl : []

    mode: "000644"
    owner: root
    group: root
    content: |
      LoadModule wsgi_module modules/
      WSGIPythonHome /opt/python/run/baselinenv
      WSGISocketPrefix run/wsgi
      WSGIRestrictEmbedded On
      Listen 443
      <VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile "/etc/pki/tls/certs/server.crt"
        SSLCertificateKeyFile "/etc/pki/tls/certs/server.key"

        Alias /static/ /opt/python/current/app/static/
        <Directory /opt/python/current/app/static>
        Order allow,deny
        Allow from all

        WSGIScriptAlias / /opt/python/current/app/nwmarket.wsgi:application

        <Directory /opt/python/current/app>
        Require all granted

        WSGIDaemonProcess wsgi-ssl processes=1 threads=15 display-name=%{GROUP} \
          python-path=/opt/python/current/app \
          python-home=/opt/python/run/venv \
          home=/opt/python/current/app \
          user=wsgi \
        WSGIProcessGroup wsgi-ssl


    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN CERTIFICATE-----

      -----END CERTIFICATE-----

    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN RSA PRIVATE KEY-----

      -----END RSA PRIVATE KEY-----


    Type: AWS::EC2::SecurityGroupIngress
      GroupId: {"Fn::GetAtt" : ["AWSEBSecurityGroup", "GroupId"]}
      IpProtocol: tcp
      ToPort: 443
      FromPort: 443

I've tried using the conf file detailed here, but that didn't work for me.

Back to Top