I have been trying to get SSL enabled on my AWS Elastic Beanstalk (eb) application, with not much luck so far.
After following the documentation for configuring HTTPS access on eb, I created a self-signed certificate, which I believe to be enough if one just wants encryption.
I created an eb environment that used a load balancer, and after uploading the certificate I was able to use it and pick the secure listening port (8443).
On the EC2 load balancer, I created a listener for
HTTPS 8443 HTTP 80 <cert file>
I then gave the load balancer and the eb instance a security group that had the rule:
Custom TCP Rule TCP 8443 0.0.0.0/0
I also included a config in .ebextensions, as the documentation told me:
Resources:
  sslSecurityGroupIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupName: {Ref : <security_group_name>}
      IpProtocol: tcp
      ToPort: 8443
      FromPort: 8443
      CidrIp: 0.0.0.0/0   # CIDR mask length must be 0-32; /0 allows every source address
Then in my flask application the application had these parameters:
from flask import Flask
from flask_basicauth import BasicAuth
from flask_sslify import SSLify
from OpenSSL import SSL

application = Flask(__name__)

# TLS handled by the Flask dev server itself (pyOpenSSL context; older Werkzeug
# accepts this object as ssl_context, newer releases expect an ssl.SSLContext
# or a (cert, key) tuple)
context = SSL.Context(SSL.TLSv1_2_METHOD)
context.use_privatekey_file('/home/ec2-user/privatekey.pem')
context.use_certificate_file('/home/ec2-user/server.crt')
basic_auth = BasicAuth(application)
sslify = SSLify(application)  # redirects plain-HTTP requests to HTTPS
if __name__ == '__main__':
    application.run(host='0.0.0.0', port=8443, ssl_context=context)
Now when I go to the instance's public IP prefixed with https:// I get this:
Google Chrome Connection info (can't post images with current rep ughh)
This makes me think that I have the encryption I'm after, but the Flask server connection log still shows clear requests (I expected to see jumbled, encrypted request info).
When I connect with the *.elasticbeanstalk.com address I get nothing.
So I guess I have two questions:
1) Does this mean I have encryption?
2) Why can't I access the instance with my elasticbeanstalk url?
Your ELB config listens for HTTPS requests on port 8443 and makes a proxy request to the EC2 HTTP port. So, your EC2 must listen on the HTTP port. But it means that you terminate your SSL request on the ELB.
If you want your EC2 to listen for HTTPS requests on port 8443, your ELB config should be:
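The distinction the answer draws (TLS terminated at the ELB versus the ELB reaching an HTTPS backend) can be checked mechanically. The following is an added example, not code from the answer's author or from AWS; it assumes the listener dicts have the shape boto3's describe_load_balancers() returns for a classic ELB, and the sample listeners (the questioner's and the end-to-end variant) are constructed inline.

```python
"""Check a classic-ELB HTTP/HTTPS listener against what the backend app serves.
Added example for this answer, not code from the answer's author or from AWS.
Listener dicts are constructed in boto3's describe_load_balancers() shape (assumed)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Backend:
    port: int   # port the app binds on the instance
    tls: bool   # True when the app itself speaks TLS (like the Flask app above)


# Constructed samples: the listener from the question and the end-to-end variant.
QUESTION_LISTENER = {"Protocol": "HTTPS", "LoadBalancerPort": 8443,
                     "InstanceProtocol": "HTTP", "InstancePort": 80,
                     "SSLCertificateId": "arn:aws:iam::<account-id>:server-certificate/<name>"}
END_TO_END_LISTENER = dict(QUESTION_LISTENER, InstanceProtocol="HTTPS", InstancePort=8443)


def check_listener(listener: dict, backend: Backend) -> dict:
    """Report where TLS ends and whether the ELB can actually reach the app."""
    front, back = listener["Protocol"].upper(), listener["InstanceProtocol"].upper()
    if {front, back} - {"HTTP", "HTTPS"}:
        raise ValueError("only HTTP/HTTPS listeners are handled here")
    if front == "HTTPS" and back == "HTTPS":
        mode = "end-to-end: ELB terminates TLS and re-encrypts to the instance"
    elif front == "HTTPS":
        mode = "terminated at ELB: the instance receives plaintext HTTP"
    else:
        mode = "no TLS on this listener"
    problems = []
    if listener["InstancePort"] != backend.port:
        problems.append(f"ELB forwards to instance port {listener['InstancePort']} "
                        f"but the app listens on {backend.port}")
    if (back == "HTTPS") != backend.tls:
        problems.append(f"ELB speaks {back} to the instance but the app expects "
                        + ("TLS" if backend.tls else "plaintext"))
    return {
        "mode": mode,
        # The instance security group only needs the backend port, and only from the ELB.
        "instance_ingress": f"tcp/{listener['InstancePort']} from the ELB security group",
        "problems": problems,
    }


if __name__ == "__main__":
    app = Backend(port=8443, tls=True)
    for name, lst in (("question", QUESTION_LISTENER), ("end-to-end", END_TO_END_LISTENER)):
        print(name, check_listener(lst, app))
```

Run against the question's setup it reports two mismatches (wrong instance port, plaintext sent to a TLS-only app), which is why the elasticbeanstalk.com URL returns nothing while the direct-IP connection works.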