I'm fairly new to backend development (have mainly done frontend) and I hope someone might be able to help me with this, cause I've been tearing my hair out over this for a week now.
Basically, I have a full-stack Chat-app (Node.js, React, Express, MongoDB, Socket.io) where the frontend is deployed to Netlify (and connected to a custom domain I bought from Strato), and the backend server is deployed with Elastic Beanstalk Application Load Balancer. The communication between frontend and backend works locally, and even works if I run FE locally, and BE from Elastic Beanstalk. My problems arise when trying to send API-requests from my deployed FE to my deployed BE over HTTPS.
What I have already tried
Since the frontend on Netlify is HTTPS I need the backend to also run on HTTPS to avoid "mixed content" errors. My frontend custom domain is chatter.se, and my backend domain is chatter-env.*******.eu-north-1.elasticbeanstalk.com. I started by requesting a Certificate from ACM, and successfully connected the CNAME-name and CNAME-values to it's respective slots in the DNS-settings on Strato (where my custom domain is).
Since FE and BE live on different origins (chatter.se and chatter-env.**...beanstalk.com), when sending api requests, I was at first getting the issue of net::ERR_CERT_COMMON_NAME_INVALID.
After doing some research I came across a forum-post explaining that I should set up a subdomain on Strato that redirects to my backend in order to keep my api requests within the same domain. Therefore, on Strato, I created a subdomain (api.chatter.se), set it to redirect to my backend-URL, requested a new certificate from AWS, and used the CNAME name and CNAME value from this new certificate on the new subdomain. I have confirmed that this certificate is valid, issued, and in use, as well as it being used on the listener (443) on the load balancer. I have also made sure that Security Groups are accepting inbound and outbound traffic on 443, as well as a port-range of 3000-60000. If I type in api.chatter.se in the browser, I am indeed being redirected to the chatter-env.*********.eu-north-1.elasticbeanstalk.com.
Now, when sending requests from the deployed FE to https://api.chatter.se/api/test (which just sends back a 200 OK if connecting properly, and works over http), I am getting a new error: net::ERR_SSL_PROTOCOL_ERROR
Note that I am NOT getting CORS-errors, as I have dealt with this in the code, and I am fairly sure that I am missing something on the certificate side of things. I have also confirmed that the server is indeed healthy and up and running.
Any ideas of what might be the issue here? Any help is greatly appreciated!
The certificate is not issued for "chatter-env.*********.eu-north-1.elasticbeanstalk.com", it's issued for "api.chatter.se", by ACM. I read the link you posted, and it talks about Route 53 - should I transfer my domain to AWS with Route 53 and add a CNAME record from there?
Ok, so I have successfully transfered my custom domain over to Route 53, and have set up an A record that redirects api.chatter.se to my beanstalk environment. The website loads correctly in the browser, but now there is a new console error when trying to access the server from the frontend - net::ERR_NAME_NOT_RESOLVED.
I have also tried CNAME record instead of A record with the same result. I have also updated the name servers in the registered domain with those of the hosted zone, which is public - same thing - net::ERR_NAME_NOT_RESOLVED.
Any ideas what I could be missing?