TLDR: Uncheck “Require Server Name Indication” (SNI) in the IIS site binding, as the ALB does not include the SNI TLS extension in the request it sends to the target.
There can be many reasons for a 502 Bad Gateway error from an ALB, and most of them can be fixed by following the AWS documentation. However, if your backend server runs on IIS and the error occurs only when the ALB-to-server traffic is on HTTPS, the issue is most likely due to the “Require Server Name Indication” setting on the site binding. This scenario is not covered in the AWS documentation. So uncheck that setting and try again. For more information about that setting, refer to the Microsoft documentation.
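To confirm the diagnosis before changing the binding, the following added example (not code from the original post, AWS or Microsoft) attempts a TLS handshake against the target once with the SNI extension and once without it, the way the post says the ALB connects. The IP address, port and host name in it are constructed placeholders, and the `probe` parameter is a hypothetical hook added so the logic can be exercised without a live server.

```python
import socket
import ssl


def tls_handshake(host, port, sni=None, timeout=5.0):
    """Attempt a TLS handshake and return (ok, detail).

    sni=None omits the server_name extension from the ClientHello, which is
    how the post says the ALB connects to its targets.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Diagnostic probe only: it checks whether the handshake completes, not
    # whether the certificate is trusted, so verification is switched off.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=sni) as tls:
                return True, tls.version()
    except (ssl.SSLError, OSError) as exc:
        # A reset or EOF during the handshake lands here.
        return False, f"{type(exc).__name__}: {exc}"


def diagnose(host, port, site_hostname, probe=tls_handshake):
    """Compare a handshake that sends SNI with one that does not."""
    with_sni, _ = probe(host, port, sni=site_hostname)
    without_sni, _ = probe(host, port, sni=None)
    if with_sni and not without_sni:
        return "sni-required"    # matches the 502 scenario in the post
    if without_sni:
        return "ok-without-sni"  # binding accepts clients that send no SNI
    return "tls-unreachable"     # look elsewhere: port, certificate, firewall


if __name__ == "__main__":
    # Constructed placeholders: use the target's private IP and the host
    # name configured on the IIS binding.
    print(diagnose("10.0.0.10", 443, "app.example.internal"))
```

Run it from a host that can reach the target on the same port the target group uses; `sni-required` before the change and `ok-without-sni` after it indicates the binding was the cause.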