503 on load balancer through HTTPS. HTTP works fine.

June 16, 2019 839 views
Ubuntu DNS Load Balancing
domlebo70
By:
domlebo70

I have an HTTP server running on port 8080 of a droplet. I have a load balancer pointing at this droplet.

Here is the configuration in the load balancer:

Load Balancer      Droplet
HTTP on port 80    HTTP on port 8080
HTTPS on port 443  HTTP on port 8080

I have SSL redirect turned off.

If I do a curl on my http://domainname/, I get a valid response back. If I try https://domainname/, it hangs for 20s, but eventually I get a 503.

Does anyone have any suggestions?

3 comments
  • atgreen July 18, 2019
    Report

    Did you figure this out? I am experiencing the same thing.

  • anthonyleonardi September 16, 2019
    Report

    I’m also having this issue. @domlebo70 @atgreen have you been able to work this out?

  • domlebo70 September 16, 2019
    Report

    Hi. I thought I already commented further on this, but it appears I forgot to.

    No, I never ended up working this out - it just magically resolved itself. I didn’t change anything, and I woke up a few days later and it was working. It doesn’t give me great confidence in the product (especially with the lack of any official comms from DO after a support enquiry).

    So yeah… I guess just wait it out, is the best I can offer.

Sign In to Comment
2 Answers
KDSys MOD August 4, 2019

Hello,

Have you configured a port for SSL on the Droplet(not the load balancer)? If yes, you should use that for the HTTPS connection from the load balancer.

Usually in these cases, you can use port 8080 on the droplet for HTTP connections and 8443 for HTTPS connections. Of course you need to open the mentioned port and configure your Load Balancer so that I knows what InstancePort and Protocol it should use.

If you are experiencing difficulties, post the configuration files here so that I can give you a more in depth advice.

Report
  • lrcharles December 30, 2019

    This might be a dumb question, but I’m pretty sure I recall Rackspace and AWS loadbalancers working this way. Should setting SSL termination at the loadbalancer not require SSL processing on origin servers?

    If this is a limitation, and the origin nodes do in fact require ports that handles SSL, that would make the config options and docs misleading, right?

    It’s significant, because that could represent a lot of work in some cases.

    Report
stanwinsiow September 16, 2019

I am experiencing similar problems. My current load balancer settings are as follows:

http on port 80 -> http on port 80
https on port 443 -> http on port 80

I’m using Let'sEncrypt certificate. My subdomains point to my load balancer IP.

Inbound rules for firewall have been open for port 443 and port 80.

Any advices is appreciated.

Report
Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Related