Skip to content

Setup HTTPS in AWS

Jump to bottom
Thuy edited this page Apr 18, 2017 · 2 revisions

AWS Certificate Manager provisions, manages and deploys SSL/TLS certificates that will be needed to setup HTTPS.

CloudFront is a Content Delivery Network (CDN) service that promises to speed up the distribution of your content. But mostly, for this exercise, it allows you to utilize the SSL certificate to setup HTTPS.

Request a Certificate from AWS Certificate Manager

Navigate to AWS Certificate Manager Console and make sure the region is set to U.S. East 1 - N. Virginia, otherwise, you won't be able to utilize it in CloudFront.

Follow these steps to Request a Certificate. Add root domain and subdomain to secure both with the SSL/TSL certificate. You will also need to Validate Domain Ownership. Go here to troubleshoot: Troubleshooting

Once the AWS Certificate status has changed to Issued, you can add the certificate to your CloudFront Distribution.

Setup Amazon CloudFront Distribution

Navigate to the Cloudfront console

Click on Create Distribution button and then under Web click the Get Started button to select Web as your delivery method.

On the Create Distribution page, there are a lot of Distribution Web Values to consider, but just going to focus on a few.

  1. Open up another window or tab and navigate to the S3 console.

  2. Select your root domain bucket. Click on Properties tab, click on Static Website Hosting and copy the Endpoint url.

  3. Back in the CloudFront Distribution window, paste this Endpoint url as the value for Origin Domain Name.

  4. Under Viewer Protocol Policy, you want to select Redirect HTTP to HTTPS.

  5. Click the Yes button for Compress Objects Automatically.

  6. Set root domain as the value for Alternate Domain Names (CNAMEs).

  7. Under SSL Certificate, you should now be able to click the Custom SSL Certificate radio button and select the certificate you just created from the dropdown menu. If not, trouble shoot and then come back here to try and set certificate again.

  8. Set index.html as the value for Default Root Object. If you are creating a CloudFront Distribution for subdomain, you do not set this as there is no index.html file in your subdomain bucket.

  9. Click Create Distribution button to save your selections.

  10. Repeat steps 1-9, skipping 8, and create a separate CloudFront Distribution for your subdomain. Substitute subdomain for wherever you see root domain.

Now is a good time to go for a long walk as it might take awhile for the process to complete.

Or you could read AWS' Task List for Creating a Web Distribution or Values that You Specify When You Create or Update a Web Distribution. There are many more options to explore.

Route to CloudFront

Navigate back to the Amazon Route 53 console and select the Hosted Zone you created for your domain.

Select the root domain Alias Record Set and in the Alias Target field, delete the present value, which should currently be the S3 bucket. Click on the empty field and there should now be a dropdown menu from which you click the CloudFront Distribution just created. Click Create button. Repeat steps for subdomain.

If all went well, you should now have a more secure static website deployed to AWS. Congrats!

REFERENCES

https://thuy.life

Home

Clone this wiki locally