I had strange problem with nginx and ELB configuration. My setup included 3 different services inside one nginx behind ELB. And I had mixed content issue: when your request to ELB is https, but inside ELB http only, and server create relative path to static using http, so browser fails with 'mixed content' issue. And I must create solution for both http/https work without any redirects.

Here is config located in nginx/conf.d/ folder:

# Required for http/https switching
map $http_x_forwarded_port $switch {
  default   off;
  "80"    off;
  "443"   on;
}

This means that we will have knowledge what real client protocol is. As you can see, we will have it in $switch var. And at this moment you use this in all location where you need it:

location ~ /softwareapi/index.php {
  fastcgi_param HTTPS $switch;
  .. other settings here ..
}

With HTTPS setting php application will automatically detect right protocol and carefully build relative path for preventing mixed content issue.

Best regards.

AWS Application Load Balancers now support native HTTP to HTTPS redirect.

To enable this in the console, do the the following:

1. Go to your Load Balancer in EC2 and tab "Listeners"
2. Select "View/edit rules" on your HTTP listener
3. Delete all rules except for the default one (bottom)
4. Edit default rule: choose "Redirect to" as an action, leave everything as default and enter "443" as a port.

The same can be achieved by using the CLI as described here.

It is also possible to do this in Cloudformation, where you need to set up a Listener object like this:

  HttpListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref LoadBalancer
      Port: 80
      Protocol: HTTP
      DefaultActions:
      - Type: redirect 
        RedirectConfig:
          Protocol: HTTPS
          StatusCode: HTTP_301
          Port: 443

If you still use Classic Load Balancers, go with one of the NGINX configs described by the others.

Create a file .ebextensions/00_forward_http_to_https.config with the following content:

files: 
  /tmp/deployment/http_redirect.sh:
    mode: "000755"
    content: |
      APP_URL=`/opt/elasticbeanstalk/bin/get-config environment --output yaml | grep -oP 'APP_URL: \K([^\s)\"](?!ttp:))+'`
      sed -ie 's@$proxy_add_x_forwarded_for;@$proxy_add_x_forwarded_for;\n        if ($http_x_forwarded_proto = 'http') { return 301 https://'"$APP_URL"'$request_uri; }@' /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf

container_commands:
  http_redirect:
    command: "/tmp/deployment/http_redirect.sh"

Make sure to set the APP_URL environment variable from the AWS management console beforehand.