Amazon Web Services (AWS) - Resolve "Failed to connect port 443 connection timed out"

by Jeremy Canfield | Updated: August 03 2023 | Amazon Web Services (AWS) articles
Let's say something like this is being returned when attempting to install a package on a Linux EC2 instance.
Could not retrieve mirrorlist
Failed to connect port 443
Connection timed out
The most likely cause is that the Security Group associated with the EC2 instance is not allowing outbound traffic on HTTPS port 443. If using the AWS CLI, the aws ec2 describe-security-group-rules command can be used to see whether outbound (egress) traffic is allowed on port 443. In this example, there is a single inbound rule allowing SSH port 22 ("IsEgress": false) and no egress rule, so nothing permits outbound connections on port 443.
{
    "SecurityGroupRules": [
        {
            "SecurityGroupRuleId": "sgr-05ee7f82c0ae7578f",
            "GroupId": "sg-0778124087b3d14d4",
            "GroupOwnerId": "123456789012",
            "IsEgress": false,
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "CidrIpv4": "0.0.0.0/0",
            "Description": "Allow SSH from All",
            "Tags": []
        }
    ]
}
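To automate the check described above, here is an added example (not code from the original article) that parses describe-security-group-rules output and reports which egress rules, if any, permit a connection to a given address and port. The function name, the sample rule IDs and the 203.0.113.10 destination are assumptions made for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape `aws ec2 describe-security-group-rules`
# returns; rule and group IDs are placeholders, not values from the article.
SAMPLE_RULES = json.dumps({"SecurityGroupRules": [
    {"SecurityGroupRuleId": "sgr-EXAMPLE-ssh", "GroupId": "sg-EXAMPLE",
     "IsEgress": False, "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "CidrIpv4": "0.0.0.0/0"},
    {"SecurityGroupRuleId": "sgr-EXAMPLE-dns", "GroupId": "sg-EXAMPLE",
     "IsEgress": True, "IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
     "CidrIpv4": "10.0.0.0/16"},
]})


def egress_rules_allowing(rules_json, dest_ip, port=443, protocol="tcp"):
    """Return IDs of egress rules that permit protocol/port to dest_ip."""
    dest = ipaddress.ip_address(dest_ip)
    allowed = []
    for rule in json.loads(rules_json).get("SecurityGroupRules", []):
        if not rule.get("IsEgress"):
            continue  # inbound rules never permit outbound connections
        proto = rule.get("IpProtocol")
        if proto != "-1":  # "-1" matches every protocol and port
            if proto != protocol:
                continue
            if not rule["FromPort"] <= port <= rule["ToPort"]:
                continue
        # Only CIDR destinations can be evaluated offline; rules that point
        # at a prefix list or another security group are skipped.
        cidr = rule.get("CidrIpv4") or rule.get("CidrIpv6")
        if cidr is None:
            continue
        net = ipaddress.ip_network(cidr)
        if net.version == dest.version and dest in net:
            allowed.append(rule["SecurityGroupRuleId"])
    return allowed


if __name__ == "__main__":
    # 203.0.113.10 is a documentation address standing in for a mirror.
    hits = egress_rules_allowing(SAMPLE_RULES, "203.0.113.10")
    print("egress 443 allowed by:", hits or "no rule (connection will time out)")
```

An empty result for the mirror's address means no CIDR-based egress rule covers it, which matches the timeout shown at the top of the article.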
The aws ec2 authorize-security-group-egress command can be used to allow outbound on HTTPS port 443.
aws ec2 authorize-security-group-egress --group-id sg-abcdef012345678 --ip-permissions IpProtocol=tcp,FromPort=443,ToPort=443,IpRanges='[{CidrIp=0.0.0.0/0,Description="Allow HTTPS port 443"}]'
Or, more commonly, -1 is used to allow all outbound traffic (every protocol and port), which is broader than the package installation requires.
aws ec2 authorize-security-group-egress --group-id sg-abcdef012345678 --ip-permissions IpProtocol=-1,FromPort=-1,ToPort=-1,IpRanges='[{CidrIp=0.0.0.0/0,Description="Allow All"}]'