I have recently built a website on AWS using a Bitnami WordPress multisite instance. To speed things up, I decided to use it with CloudFront and, for security, with SSL. I set up the target group and included the instance as my target, set up the load balancer and added that target group (including the port 443 listener with the certificate I used in Certificate Manager), and added the load balancer to CloudFront. Finally, I added the name servers of GoDaddy to Amazon Route 53, imported the domain zone file from GoDaddy, which also includes a CNAME record for the www subdomain of the CloudFront distribution address, and added the domain as a hosted zone in Route 53.
However, right now, whenever I try to connect, the domain itself connects to CloudFront without any certificate issues, but it gives a "502 ERROR The request could not be satisfied." error. The www version, on the other hand, gives a certificate error first and, after accepting the risk, connects to CloudFront and then gives the same 502 error. In the details of the error, it states that "CloudFront wasn't able to connect to the origin.". So I believe the error is due to a configuration error in the instance.
Here are the details of the whole setup:
On the bitnami instance, I have set up the main domain with:
sudo ./bnconfig --machine_hostname my_domain.com
sudo mv bnconfig bnconfig.disabled
The target group's listener listens on port 80 and the instance is added as the target, but it appears as unhealthy, stating that "health check failed with this code ". When I turn off the Apache service on the Bitnami instance, the error changes to "health check failed".
The load balancer, which directs to that target group, has 2 listeners, for port 80 and port 443. The action for port 443 is "forward to". For 443, I am using the certificate I issued via Certificate Manager on AWS. It includes 2 domains with their subdomains (i.e. thisdomain.com, *.thisdomain.com, anotherdomain.com, *.anotherdomain.com). Later on, I am planning to add this other domain to this WordPress multisite, which is why I added it to the same certificate. I can also see the request counts under the "monitor" tab.
The CloudFront distribution has the load balancer added, it has "HTTPS only" and "Redirect HTTP to HTTPS" set, "Forwarded query strings" on, and I have already added all the domains I mentioned before as CNAMEs.
Another interesting thing is that when I try to connect directly to the public DNS of the EC2 instance, it is first directed to the "/wpsignup.php" link, on which a GoDaddy redirection error is shown (the URL is ec2-18-130-63-232.eu-west-2.compute.amazonaws.com).