October 28, 2019

How to Setup AWS ELB with SSL for Laravel

Setting up HTTPS for your Laravel apps can be counter-intuitive sometimes as it involves multiple layers playing nicely together. Luckily AWS has made this very easy for us especially if you are using ELB.

Let's get started.

Step 1. Get a Free SSL Cert from AWS Certificate Manager

We have written a very comprehensive guide that you can follow. Once you are done come back to Step 2.

Step 2. Go to the EC2 Dashboard

Find EC2 from the Services dropdown menu and click the link. You should see the EC2 Dashboard after that.

AWS Services Dropdown

Scroll down a bit and you should see Load Balancers on your left. Click the link.

AWS EC2 Dashboard

Step 3. Create a new Load Balancer

Once you are at the ELB Management Dashboard, click Create Load Balancer.

AWS ELB Dashboard

Step 4. Select "Application Load Balancer"

AWS ELB - Select Load Balancer Type

Step 5. Configure Security Settings for the new ELB

If you have followed our guide, select Choose a certificate from ACM and pick the right certificate from the list.

Under Security Policy, choose ELBSecurityPolicy-2016-08. This is a generic policy that is applicable for most cases.

AWS ELB - Select Load Balancer Type

Step 6. Configure Security Groups

You should already have a security group setup for your EC2. Let's use that. Or if you prefer you can create a new security group as well.

This is a changeable setting so let's go with the easiest for now.

AWS ELB - Configure Security Groups

Step 7. Configure Routing

If this is your first ELB, you will need to create a New Target Group. Give your target group a name. The rest should be the defaults from AWS.

AWS ELB - Configure Routing

Step 8. Register EC2 Instances to be Added to ELB

Under the table of Instances, select the EC2 instances to be added to ELB. You may have only 1 or more than that. Choose at least 1 instance to be added.

Once selected, click Add to registered to add the instances to the ELB.

AWS ELB - Register Targets

You should see this once you have added the EC2 instances. Once confirmed, click Next.

AWS ELB - Register Targets

Step 9. Update the ELB Listeners

Once you are done, your ELB should show in the ELB dashboard with provisioning as the status.

Click on the ELB, select the Listeners tab, then click View/edit rules for HTTP : 80.

AWS ELB - Register Targets

Step 10. Update the HTTP Redirection Rules

Currently it's forwarding the unsecured http://domain.com as it is to our EC2. What we want to do here is to force it to redirect to the secured https://domain.com instead so that all connections to our website is always HTTPS.

Let's click the Edit button for our rule.

AWS ELB - Register Targets

Then click the Trash button to discard the rule.

AWS ELB - Register Targets

Now we are going to create a new rule to redirect all HTTP traffic to HTTPS.

AWS ELB - Register Targets

All done!

Now if you go to https://yourdomain.com, you should see that it's secured.

Noticed how we did not change any configurations on the EC2 or NGINX side. This may seem odd if you had setup HTTPS on an single NGINX node for Laravel before.

In fact if you previously had NGINX configurations catered for HTTPS / SSL, you need to remove them.

The reason is that the HTTPS connection actually terminates at the ELB side instead of the EC2 / NGINX side. Between ELB and EC2, we are just serving normal unsecured HTTP connections.

Is that an issue?

Well for most of the apps out there it should be relatively safe as the traffic between our ELB and our EC2 instances happen within a private network.

If you wish to terminate the SSL at the EC2 / NGINX side, that's definitely possible. In such cases however we would not be able to use the free Public SSL cert from AWS Certificate Manager anymore.

One alternative would be to use Cloudflare's free SSL cert instead. Or you may opt for paid certificates by AWS or other providers.

Anyway hopefully you find this guide useful!


Hello! My name is Jian Jye and I work on Laravel projects as my main job. If my article was helpful to you, a shoutout on Twitter would be awesome! I'm also available for hire if you need any help with Laravel. Contact me.