I'm running a react app frontend on Netlify which should ideally send commands to an elastic beanstalk backend in form of POST calls. Netlify is bound to my own purchased domain (myname.com) and the beanstalk is running the default address (XXXXXX.elasticbeanstalk.com).
Now the problem is Netlify won't allow sending POST calls to an unsecured (HTTP) endpoint, and requires the endpoint be https://XXXXX.elasticbeanstalk.com. I have pretty limited knowledge on how HTTPS actually works, so anything below this is me fumbling around in the dark and may be quite incorrect.
I tried several methods of enabling HTTPS on the beanstalk
Create a self signed request on beanstalk and upload the cert to netlify (apparently they do not allow it)
Create a CSR on beanstalk and sign it from let's encrypt (not working because I think beanstalk domain is not owned by me)
Use Amazon certificate service (certificate got created but netlify still says it's a self signed certificate, and cannot allow the connection)
Anyone know how to either
Allow netlify to call my HTTP endpoint or
Make the beanstalk endpoint HTTPS or
Suggest a different place to host my react frontend app that doesn't involve this HTTPS mess
Note: At this point, I'm not really worried about the security, and even an unsecure platform would work for now.
Thanks
Finally managed to solve it using CORS-anywhere proxy, by adding the endpoint as https://cors-everywhere.herokuapp.com/http://xxxx.elasticbeanstalk.com/my-endpoint
Related
I have an elastic beanstalk instance in which I have deployed my spring-boot application. By default elastic beanstalk gives you a URL for your environment over http.
While this works fine this has led to a lot of problems for me. I have the frontend (my react application) deployed on Vercel. I want my frontend app to get data from my elastic beanstalk app. Problem is the url is in http. On the console I get an error like this
Mixed Content: The page at '' was loaded over HTTPS, but requested an insecure resource ''. This request has been blocked; the content must be served over HTTPS.
which renders the app useless basically.
After hours of google I found out that I have to request the data over https because my vercel app is over https*(I might be very wrong here)* I've tried some solutions to get my elastic beanstalk app to serve the data on https to no avail.
Here is what I've tried
I created a self signed ssl certificate using openssl and uploaded
it to AWS via the AWS cli. I then went to my applications load
balancer settings and added the ssl certificate . (This did not
work, I cried)
I used keytool to create yet another ssl certificate and added it to my
resources folder and the corresponding settings in the
application.settings file. I repackaged the jar file and redeployed
it to AWS.(Still didn't work. Didn't cry this time though. I was
out of tears)
Question How do I serve the data from my spring-boot app to my Vercel react app over https? Or any other method. Just anything that will work.
If one thing is clear from all that long nonsense I've told you up there is I don't know wtf I'm doing. Just following a bunch of tutorials which for all I know keep destroying my app and your time even more.
Now my app is broken and now I cant even load the static assets on the elastic beanstalk URL because I'm getting another error
400 Bad Request
The plain HTTP request was sent to HTTPS port
I know that question is really long and maybe even wrong. Please help
So once you have the SSL certificate ready this what you need to do in the AWS Elastic beanstalk to serve your application for https
Add a new listener to for port: 443 and select HTTPS
After this incase you are facing any certificate error while browsing the page, ensure that the URL mentioned in the certificate is matching the URL in browser
I have a reactjs frontend server and a backend ruby on rails server. Both of them are hosted on Heroku.
My domain name is on GoDaddy and i am paying a version on Heroku (for my frontend server) to have a ssl (Automated Certificate Management (ACM)).
I can access my domain name on the https protocol but also on the http protocol
I would like to redirect all connections to the website from http to https.
I tried multiple things:
Cloudflare but that didn't work out
https_only in my static.json of my reactjs server
force_ssl=true on my ruby on rails server
Nothing is working.
What are your advice to solve that kind of problems ? I don't know if i should solve that in the reactjs server (no info about that on google) or on godaddy (apparently that is not working with heroku) or on the rails server (i don't think so because it's the backend server)...
I am looking forward to have a better understanding of the DNS thing but it is not easy, have you some tutorial to share with me ?
Thanks in advance
I just use the "Always use HTTPS"-Feature from Cloudflare for that.
I am trying to make a portfolio-building app on aws. I am using reactjs for the front end, lambda(nodejs) for the backend, and other various technologies like dynamodb and API Gateway. My question is, how do I get the react content served up every time someone goes to my domain name? Is it done through lambda? Do I need an ec2 instance? I am stuck on this and if someone can help me out I would really appreciate it. Thanks!
There are many approaches you could use to set this up, it depends on what type or architecture you are looking for. I prefer to use AWS lambda functions attached to the API gateway for backend How To Build Your First Serverless API with AWS Lambda and API Gateway, and for frontend host the react.js app in s3 through cloudfront. This setup means that your entire application is serverless and you will be hard pressed to make it out of the free tier on AWS. Here is a great blog article detailing how to set this up Deploying create-react-app to S3 and CloudFront
So where is your front end running?
It could be many locations:
EC2 instance
Elastic Beanstalk (either as a Node app, or as a Docker container)
ECS/EKS (with or without Fargate)
As a series of Lambdas (running behind an ALB)
Without knowing your application and experience of AWS services it's quite hard to advise exactly where you should host it. However, once you decide which one of these you are using you can points its target A record/CNAME at your domain name by editing the A record/CNAME in your hosting provider.
We need to migrate from one app engine project to another (due to the constraints put in place for changing region).
The ideal solution would just be to proxy all requests through to the new server however we are using Google Cloud Endpoints which are intercepted by the server and delivered as POST requests.
We can't redirect as we have mobile apps relying on the API.
Does anyone have a solution (rather than proxying every API method we have) to proxy to a new server?
I would write a ServletFilter on the old app that intercepts /_ah/spi/* and forwards it to the new app, also on /_ah/spi/*. Keep in mind that you'll have to keep the existing Endpoints code in place, or the proxy will delete your configuration and not forward anything.
I have a phonegap app that uses jquery to post to a remote server, running on Google App Engine.
What's the best way to ensure that only my phonegap app can post to this remote server? I've been scouring the web for an answer but can't find anything concrete.
Normally I believe you'd check the referrer to ensure that the request is coming from a whitelisted domain but in this scenario there is no domain because it's a phonegap app.
This question is similar but it's gone unanswered:
Security issues with phonegap remote server access
You can't. Any request that your app can make - including whatever authentication credentials you care to embed in the app - can be generated by a third-party. The most you can do is obfuscate, by embedding secrets in your app, but a clever user can extract these.
A better option would be to authenticate the user, rather than the application.