Cloudflare SSL with AWS Elastic Beanstalk - Error 521

I have an AWS instance with elastic IP. I configured the IP in Cloudflare with a subdomain. I created a new SSL in Cloudflare and configured in AWS to the instance. After that I tried to connect to the subdomain URL and I am facing the issue with Error Code : 521 - Web server is down.

I went through the docs in the community still did not help.

I connected with AWS team and they confirmed all from their side is working.

I can access that IP over HTTP. but HTTPS not supported.

That’s your issue. You first need to configure your server for HTTPS.

I aleady have configured the server with 443. Also checked with the AWS team.

Great, and you have a valid certificate on your server as well?

Yes from the AWS Certificate manager I have imported the SSL certificate from Cloudflare and I added it to AWS beanstalk load balancer with HTTPS port 443

Then it should actually work. You just need to make sure the addresses from cloudflare.com/ips are not blocked. But I believe this is mentioned at the article you already linked anyhow.

So you are able to access the Elastic IP with port 443 as well?

Anyway, an invalid SSL certificate should actually brings you an Error 526 instead of Error 521.

I’d recommend to pause Cloudflare (Overview screen, bottom right) and make sure everything loads fine on HTTPS. Once it does, it should also work fine on Cloudflare.

I have another EC2 instance that serves with Cloudflare SSL. And it’s working fine.
But this new instance having the issue.

Well, did you pause Cloudflare and did you go through all the steps in the article?

No Elastic IP with HTTPS also showing error.

Which error?

And again

Let me check that.

Error : This site can’t be reached

while I am trying to access IP over HTTPS

For the third time :wink:

Sorry. the chat I am replying in the order.
I am checking this Pause Cloudflare.

Once it’s paused check if it loads fine on HTTPS.

Also, what’s the domain?

I paused and checked but HTTPS not loading
HTTP is loading.

Domain
https://*.g**d.com/

In that case you have a configuration issue on your server and need to fix that. As I said earlier, check your firewall.