Issue #17 - "Elastic Beanstalk vs Me”

This is the second issue of how Time for Price came to be. If you don’t want to miss the entire series, check the issue here.

THE GREEN LOCK THAT WOULDN’T SHOW UP

So there I was… staring at the browser.

Site was live.

Spring Boot app was deployed.

Everything was working… except one thing.

The green lock.

You know — the padlock in the browser that tells people your site is secure.

Mine? Missing. Instead, I got:

Connection not secure.

I had already set up the SSL certificate in AWS Certificate Manager.

The domain was verified. The certificate was issued.

But still… no lock. (pun absolutely intended)

So naturally, I did what any desperate dev does when confused:

I hit the nuclear button.

THE MISTAKE THAT WIPED IT ALL OUT

Let’s pause here.

Elastic Beanstalk is sneaky. On the surface, it looks like a smooth, abstracted deployment tool. But underneath? It’s running EC2 instances, Load Balancers, Target Groups, Security Groups — all linked together.

And when something breaks, it’s tempting to just:

❌ Terminate the environment

✅ Create a new one

⏳ Start fresh

Don’t do that.

That’s what I did.

I wiped everything: the EC2 instance, load balancer config, environment settings, SSL bindings — gone.

What I should have done?

Install the SSL certificate on my EC2 instance. (Learned the hard way.)

THE NGINX STRUGGLE

Here’s the part no one talks about:
When you’re dealing with SSL at the instance level, you need to configure nginx manually.

Elastic Beanstalk abstracts a lot, but once you start SSH’ing into the box to mess with nginx… you're basically on your own.

• I had to dig into /etc/nginx/conf.d/elasticbeanstalk/

• Modify the .conf files to point to my SSL cert and key

• Add proper server blocks to listen on port 443

• Set up redirects from HTTP to HTTPS

• Restart nginx without breaking the instance

Sounds easy enough?

It wasn’t.
Any small misconfig? Elastic Beanstalk would sometimes overwrite it.
Or nginx would silently fail, and I’d have no idea until 20 minutes later when my domain still didn’t load.

THE WORST MISTAKE

At one point, I got so stuck that I assumed I broke everything beyond repair.
So… I did what any sleep-deprived solo dev might do:

🔥 All because I didn’t realize I could’ve just fixed the nginx config and restarted it.

That mistake cost me hours — and a bunch of confidence.

THE REBUILD PAIN — STEP BY STEP

Since I didn’t know that yet, I went through the pain of rebuilding:

• Recreated the entire Elastic Beanstalk environment

• Re-uploaded the .jar file

• Re-added SERVER_PORT=5000 as an environment variable

• Reconfigured Route 53

• Set up the SSL certificate within the EC2 instance

It was hours of work I didn’t have to do.

But hey — lesson burned in now.

THE MOMENT IT WORKED

I refreshed the browser one last time, not expecting much…

There it was.

The padlock.

The HTTPS redirect.

The secure badge.

I kid you not — I stared at that lock for 10 solid seconds like it was an achievement badge.

Because it was.

WHAT I LEARNED

• You can run SSL on a single EC2 instance without a Load Balancer.

• But it means getting your hands dirty with nginx.

• Beanstalk’s abstraction is a double-edged sword: it's easy until you need to go deep.

• And most importantly: don’t panic and delete everything unless you really need to.

✅ Key Takeaways:

• If you're skipping the Load Balancer, be ready to configure nginx for SSL manually.

• Certs live on the EC2 instance — don’t forget to add both .crt and .key paths.

• Use eb ssh to troubleshoot logs (/var/log/nginx/error.log is your friend).

• Don’t rebuild your whole environment unless you’re really sure you need to.

🎬 Teaser for Issue 3: