How do I troubleshoot issues related to EC2 origins in CloudFront?
Last updated: 2022-06-10
I'm using an Amazon Elastic Compute Cloud (Amazon EC2) instance as the custom origin for my Amazon CloudFront distribution. CloudFront returns an error. Why is this happening and how can I troubleshoot this?
Based on the type of error that CloudFront returns, see the related section for troubleshooting steps.
CloudFront returns 502 errors
There are four reasons that CloudFront returns a 502 error when Amazon EC2 is configured as the custom origin. See the following guides for troubleshooting steps:
- SSL/TLS negotiation failure between CloudFront and custom EC2 origin server
- SSL/TLS certificate on the origin is expired, invalid, self-signed, or the certificate chain is in the wrong order
- Origin is not responding on specified ports in origin settings
- CloudFront was not able to resolve your origin domain due to DNS issues
CloudFront returns 503 errors
If your CloudFront behavior has caching turned off, all requests are directed to the origin EC2 instance instead of being service from the CloudFront cache. In this case, the origin EC2 instance can become overwhelmed with large number of incoming requests, and then returns a 503 error.
For troubleshooting 503 errors, see Origin server does not have enough capacity to support the request rate.
If CloudFront can't route the request to the next best available edge location, and doesn't satisfy a request, then it returns a 503: Capacity exceeded error. For more information, see CloudFront caused the error due to resource constraints at the edge location.
CloudFront returns 504 errors
There are two reasons that CloudFront returns a 504 error when Amazon EC2 is configured as the custom origin for the CloudFront distribution:
- The origin returned an HTTP 504 status code to CloudFront.
- The origin didn’t respond before the request expired.
If you see a redirect error in your browser, check the network section in your browser developer tools. If you see multiple instances of the same request to the CloudFront distribution, then redirections are causing the browser error.
To resolve redirect errors:
- Check for any location headers in the response header. A location header indicates that when the request is made the redirection is sent to the value in the location header. To troubleshoot this problem, check any redirection rules or configurations on the location where the redirections are sent.
- Check for the Server response header. For example, if the Server value is set to the HTTP server that your EC2 server is hosting the contents on, then there is a redirection configured on the EC2 origin. Check the server in the response header to troubleshoot.