Elastic load balancer and https [closed]

Published 2020-08-05 10:05

Question:

I am working with Elastic Beanstalk and am having some trouble with SSL configuration.

I have an environment consisting of a Load Balancer and a single EC2 instance at the moment. The Load Balancer has listeners on port 443 and 80. The EC2 instance in the environment is running Tomcat on port 80. I have a certificate in place in the load balancer and I am able to access the site on port 443 and 80 and everything is working fine.

The problem is that I would like all requests to be redirected to port 443, even ones that come in on port 80. I have searched high and low for a way to do this without having to change my security configuration. This is a small webapp running on Tomcat 7 with Spring security and MVC. I tried using

<sec:intercept-url pattern="/**" requires-channel="https"/>

but I have several pages that are not part of the filter chain as such

<sec:http pattern="/login.html" security="none"  />

This seems like something that could be solved at the load balancer but I do not have much experience with setting up SSL. Any help is appreciated.

Answer 1:

Your ELB accepts connections on 443 and 80, but it terminates the SSL there and contacts your code only on 80. SSL is basically from browser till ELB. ELB to backend code on Beanstalk is always on 80.

So any rule expecting to match based on incoming protocol doesn't work. Instead you should use this header "X-Forwarded-Proto:" (which will be set by ELB) and then do the forwarding rule.