How to health check hosts over HTTPS behind the load-balancer?

Question

I have NGINX serving my site over HTTPS on EC2 hosts behind Elastic Load Balancer. I need to set up a proper health-check in ELB. However, I cannot use https://www.example.com because I need to health-check a HOST, not my site. And on the other side, I cannot use https://ec2host.amazonaws.com because the SSL certificate is valid only for my domain (example.com). So, I ended up using TCP port 80 check which is really the bare minimum.

How do I configure a proper health check in ELB to test whether a given host is delivering my website over HTTPS correctly?

Is it possible to add in plus of the example.com the IP address to test ? — Dom, Mar 16 '15 at 08:08

score 1 · Answer 1 · answered Mar 18 '15 at 12:39

I managed to accomplish this using an approach like the one described here: http://scottwb.com/blog/2013/10/28/always-on-https-with-nginx-behind-an-elb/.

In NGINX config, I added:

A specific location directive for the healthcheck URL ("/healthcheck") that does not do any HTTPS enforcement.
A redirect if the "X-Forwarded-Proto: https" header does not exist.

How to health check hosts over HTTPS behind the load-balancer?

1 Answers1