Best IT Recipes

HTTPS for Amazon S3 Static Website

I want to host a static website with HTTPS using Amazon S3 and CloudFront. Here is what I have done so far:

  • Set up your S3 bucket for static website hosting and put my website files in it.
  • Created a CloudFront distribution and pointed it to an S3 bucket
  • Added CNAME record in my domain name servers for the www subdomain pointing to the CloudFront bucket.

So far so good - I can access my site using the address www.example.com . However, I want the site to be accessible only through HTTPS, for which I bought an SSL certificate from GoDaddy.

Now the question is:

  • Is there any way to install this third-party SSL certificate on my website hosted on S3?
  • Is there a way to automatically redirect HTTP to https with this setting?
+58
ssl amazon-s3 amazon-cloudfront
Mar 30 '13 at 14:44
source share
5 answers

Yes, today you can do it for free.

Now you can use HTTPS with CNAME on CloudFront, as it now supports user SSL certificates using the Server Name Index (SNI): http://aws.typepad.com/aws/2014/03/server-name-indication-sni -and-http-redirection-for-amazon-cloudfront.html

I managed to create a free Class 1 StartSSL certificate for my distributed CloudFront static site on S3 without any problems (see CloudFront error while serving over HTTPS using SNI ).

+48
Mar 10
source

In 2016-01-21 AWS launched AWS Certificate Manager , which is a free service that allows you to issue an SSL certificate that will be used with Elastic Load Balancer and Cloud Front (along with S3 too).

You can find out more: https://aws.amazon.com/certificate-manager/

And you can check how to deploy your S3 + Cloudfront website with AWS free SSL at: https://aws.amazon.com/blogs/aws/new-aws-certificate-manager-deploy-ssltls-based- apps-on-aws /

+24
Jan 29 '16 at 13:05
source

Cloudfront currently offers custom SSL: http://aws.amazon.com/cloudfront/pricing/

Keep in mind that they pay 600 US dollars per month. Read more about the link above.

+17
Jun 13 '13 at 3:05
source

As mentioned earlier, this is not possible, but you can configure Apache or nginx + SSL on an EC2 instance, CNAME is your desired domain, and the reverse proxy to the actual S3 or Cloudfront URL.

You won’t get the benefits of Cloudfront with this, so you should just serve your index.html or equivalent and use the β€œreal” (non-specific) Cloudfront URLs for heavier assets.

0
May 17 '13 at 22:53
source

In addition to @wikichen's answer.

From: https://aws.amazon.com/cloudfront/custom-ssl-domains/

By default, you can deliver content to viewers via HTTPS using your CloudFront domain name in your URLs, for example https://dxxxxx.cloudfront.net/image.jpg .

If you want to deliver your content via HTTPS using your own domain name and your own SSL certificate, you can use one of our functions for supporting custom SSL certificates.

0
Mar 31 '16 at 6:48
source


More articles:


All Articles