Saturday, December 15, 2018

HTTP to HTTPS Behind Elastic Load Balancer in AWS

In the most common configurations, when running your web app behind Nginx or Apache, your https:// request will get redirected to http://. Sometimes, you may want to rewrite all HTTP requests to HTTPS.

The Amazon Elastic Load Balancer (ELB) supports an HTTP header called X-FORWARDED-PROTO. All HTTPS requests going through the ELB will have the value of X-FORWARDED-PROTO equal to “https”. For HTTP requests, you can force HTTPS by adding a simple rewrite rule, as follows:

1. Nginx

In your Nginx site config file, check whether the value of X-Forwarded-Proto (exposed as $http_x_forwarded_proto) is https. If it is not, redirect the request:


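server {
    listen 80;
    # ... other server directives ...
    location / {
        # Redirect unless the load balancer reports the original request as HTTPS
        if ($http_x_forwarded_proto != 'https') {
            rewrite ^ https://$host$request_uri? permanent;
        }
        # ... other location directives ...
    }
}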
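
A stricter variant of the Nginx rule above, added here as an example and not part of the original post: it redirects only when the header is exactly http (the same condition the IIS rule in section 3 uses), so requests that carry no X-Forwarded-Proto header are not redirected, and it builds the target from a fixed server name instead of the client-supplied Host header. The host name example.com and the /healthz path are placeholders, and it is an assumption that the load balancer's health check arrives without the header.

```nginx
# Added example; example.com and /healthz are placeholders.
# map belongs in the http context (a site file included from nginx.conf is fine).
map $http_x_forwarded_proto $redirect_to_https {
    default 0;   # header missing or any other value: do not redirect
    http    1;   # load balancer says the client used plain HTTP
}

server {
    listen 80;
    server_name example.com;

    # Health probe endpoint (assumed path). With the original
    # "!= 'https'" test, a probe without the header would receive a 301
    # instead of a 200.
    location = /healthz {
        access_log off;
        return 200 "ok\n";
    }

    location / {
        # $server_name is the configured name above; $host would echo
        # whatever Host header the client sent into the Location header.
        if ($redirect_to_https) {
            return 301 https://$server_name$request_uri;
        }
        # ... application directives ...
    }
}

# X-Forwarded-Proto is only trustworthy when port 80 accepts connections
# from the load balancer alone (for example via the instance's security
# group); a client that can reach the backend directly can set the
# header itself.
```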

2. Apache

The same goes for Apache: add this rewrite rule to your site’s config file:


<VirtualHost *:80>
...
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
...
</VirtualHost>

3. IIS

Install the IIS URL Rewrite module, then use the configuration GUI to add these settings:

<rewrite xdt:Transform="Insert">
<rules>
<rule name="HTTPS rewrite behind ELB rule" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions>
<add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{SERVER_NAME}{URL}" />
</rule>
</rules>
</rewrite>

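4. HAProxy

When HAProxy terminates TLS itself, add the header on the HTTPS frontend:

frontend node1-https
        bind 192.168.20.19:443 ssl crt /etc/ssl/cert.pem
        mode http
        maxconn 50000
        option httpclose
        # Append the client address as X-Forwarded-For
        option forwardfor
        # Tell the backend the original request was HTTPS.
        # reqadd was removed in HAProxy 2.1; newer versions use http-request set-header.
        reqadd X-Forwarded-Proto:\ https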

Minikube installation on Ubuntu 16.04

Before you begin
Enable Virtualization in BIOS
VT-x or AMD-v virtualization must be enabled in your computer’s BIOS.

Install a Hypervisor
If you do not already have a hypervisor installed, install the appropriate one for your OS now:

macOS: VirtualBox or VMware Fusion, or HyperKit.

Linux: VirtualBox or KVM.

Note: Minikube also supports a --vm-driver=none option that runs the Kubernetes components on the host and not in a VM. Using this driver requires Docker and a Linux environment, but not a hypervisor.

Windows: VirtualBox or Hyper-V.

Installation on Debian/Ubuntu

sudo apt-get update && sudo apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubectl


If you are on Ubuntu or another Linux distribution that supports the snap package manager, kubectl is available as a snap application.

Switch to the snap user and run the installation command:

sudo snap install kubectl --classic

Test to ensure the version you installed is sufficiently up-to-date:

kubectl version


Check the kubectl configuration
Check that kubectl is properly configured by getting the cluster state:

kubectl cluster-info

If you see a URL response, kubectl is correctly configured to access your cluster.

If you see a message similar to the following, kubectl is not correctly configured or not able to connect to a Kubernetes cluster.

The connection to the server <server-name:port> was refused - did you specify the right host or port?

For example, if you are intending to run a Kubernetes cluster on your laptop (locally), you will need a tool like minikube to be installed first and then re-run the commands stated above.

If kubectl cluster-info returns the URL response but you can’t access your cluster, check whether it is configured properly with:

kubectl cluster-info dump

Enabling shell autocompletion
kubectl includes autocompletion support, which can save a lot of typing!

The completion script itself is generated by kubectl, so you typically just need to invoke it from your profile.

Common examples are provided here. For more details, consult kubectl completion -h.

On Linux, using bash
On CentOS Linux, you may need to install the bash-completion package, which is not installed by default.

yum install bash-completion -y

To add kubectl autocompletion to your current shell, run source <(kubectl completion bash).

To add kubectl autocompletion to your profile, so it is automatically loaded in future shells, run:

echo "source <(kubectl completion bash)" >> ~/.bashrc

Install Minikube

Go to https://github.com/kubernetes/minikube/releases

Download the latest version and install it:

sudo dpkg -i minikube_0.30-0.deb

Start minikube

sudo minikube start

It will download the required components and start Minikube.

sudo kubectl cluster-info
Kubernetes master is running at https://192.168.99.100:8443
CoreDNS is running at https://192.168.99.100:8443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.