
Laravel 6.0 enforce HTTPS (Elastic Beanstalk)

Posted 10 months ago by Corbin

I've built a small project with Laravel 6. I'm using Elastic Beanstalk and load balancers with an AWS SSL certificate.

The problem I'm having is that when I go to mysite.ca it loads via http, and when I go to https://mysite.ca the style sheets don't load and I get a "Your connection is not fully secure." from Chrome. I think I've also seen index.php pop up in my URL while clicking around the site.

curl -v https://mysite.ca

* Rebuilt URL to: https://mysite.ca/
*   Trying 18.xxx.xxx.xxx...
* TCP_NODELAY set
* Connected to mysite.ca (18.xxx.xxx.xxx) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: CN=mysite.ca
*  start date: Nov  4 00:00:00 2019 GMT
*  expire date: Dec  4 12:00:00 2020 GMT
*  subjectAltName: host "mysite.ca" matched cert's "mysite.ca"
*  issuer: C=US; O=Amazon; OU=Server CA 1B; CN=Amazon
*  SSL certificate verify ok.
> GET / HTTP/1.1
> Host: mysite.ca
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 302 Found
< Cache-Control: no-cache, private
< Content-Type: text/html; charset=UTF-8
< Date: Sat, 09 Nov 2019 03:49:13 GMT
< Location: http://mysite.ca/login
< Server: Apache
< Set-Cookie: XSRF-TOKEN=xxxx; expires=Sat, 09-Nov-2019 05:49:13 GMT; Max-Age=7200; path=/
< Set-Cookie: laravel_session=xxx; expires=Sat, 09-Nov-2019 05:49:13 GMT; Max-Age=7200; path=/; httponly
< Content-Length: 340
< Connection: keep-alive
< 
<!DOCTYPE html>

curl -v http://mysite.ca

* Rebuilt URL to: http://mysite.ca/
*   Trying 3.xx.xx.xx...
* TCP_NODELAY set
* Connected to mysite.ca (3.xx.xx.xx) port 80 (#0)
> GET / HTTP/1.1
> Host: mysite.ca
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 302 Found
< Cache-Control: no-cache, private
< Content-Type: text/html; charset=UTF-8
< Date: Sat, 09 Nov 2019 03:56:09 GMT
< Location: http://mysite.ca/login
< Server: Apache
< Set-Cookie: XSRF-TOKEN=xxxx; expires=Sat, 09-Nov-2019 05:56:09 GMT; Max-Age=7200; path=/
< Set-Cookie: laravel_session=xxxx expires=Sat, 09-Nov-2019 05:56:09 GMT; Max-Age=7200; path=/; httponly
< Content-Length: 340
< Connection: keep-alive
< 

On the server end, I've followed all of the steps and I believe everything is working correctly. Here are the steps:

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Configuration.

  4. On the Load balancer configuration card, choose Modify.

    Note

    If the Load balancer configuration card doesn't have a Modify button, your environment doesn't have a load balancer.

  5. On the Modify load balancer page, the procedure varies depending on the type of load balancer associated with your environment.

    Classic Load Balancer

    • Choose Add listener.

    • In the Classic Load Balancer listener dialog box, configure the following settings:

      • For Listener port, type the incoming traffic port, typically 443.

      • For Listener protocol, choose HTTPS.

      • For Instance port, type 80.

      • For Instance protocol, choose HTTP.

      • For SSL certificate, choose your certificate.

    • Choose Add.

I've been getting help from a sysadmin that's been checking over everything as well. He thinks Laravel is the area where I'm getting the problem and I agree.

I also noticed in the .env the APP_ENV constant is set to "prod".

Thanks for any help I get. I've been stuck on this for two weeks.
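
Added example, not part of the original post: the HTTPS capture above shows a request made over TLS answered with a Location that points back to http://, plus session cookies without the Secure attribute. The check below flags both conditions, and the un-upgraded plain-HTTP redirect, from a raw header block. The function names `parse_headers` and `audit` are hypothetical; the header blocks are copied from the two curl captures in the post.

```python
from urllib.parse import urlsplit, urljoin

# Response headers copied from the two curl captures in the post (cookie values redacted there).
HTTPS_CAPTURE = """\
HTTP/1.1 302 Found
Location: http://mysite.ca/login
Set-Cookie: XSRF-TOKEN=xxxx; expires=Sat, 09-Nov-2019 05:49:13 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=xxx; expires=Sat, 09-Nov-2019 05:49:13 GMT; Max-Age=7200; path=/; httponly
"""
HTTP_CAPTURE = """\
HTTP/1.1 302 Found
Location: http://mysite.ca/login
"""


def parse_headers(raw):
    """Return (status_code, [(lowercased-name, value), ...]) from a raw header block."""
    lines = [ln.strip() for ln in raw.splitlines() if ln.strip()]
    status = int(lines[0].split()[1])
    headers = []
    for ln in lines[1:]:
        name, _, value = ln.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers


def audit(request_url, raw):
    """Flag transport-security problems visible in one response."""
    status, headers = parse_headers(raw)
    req_scheme = urlsplit(request_url).scheme
    findings = []
    for name, value in headers:
        if name == "location" and 300 <= status < 400:
            target = urlsplit(urljoin(request_url, value)).scheme
            if req_scheme == "https" and target == "http":
                findings.append("downgrade-redirect")
            elif req_scheme == "http" and target != "https":
                findings.append("http-not-upgraded")
        elif name == "set-cookie" and req_scheme == "https":
            attrs = [a.strip().lower() for a in value.split(";")[1:]]
            if "secure" not in attrs:
                findings.append("cookie-without-secure:" + value.split("=", 1)[0])
    return findings


if __name__ == "__main__":
    print(audit("https://mysite.ca/", HTTPS_CAPTURE))
    print(audit("http://mysite.ca/", HTTP_CAPTURE))
```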
