Geek Answers Handbook

Forwarding HTTPS from Godaddy to AWS

I am new to creating and managing websites. I looked through many previous questions, and none of them suits me. I think this question can be useful to many others.

I bought a domain name and hosting services on Godaddy. I also need secure access, so I also purchased an SSL certificate on Godaddy. The default settings are thus redirected to http://mydomain.com and https://mydomain.com to my site. Godaddy also redirected www subdomains to my site - all this worked perfectly. Now I need to add a database and support growth, so I am switching to VPC on AWS with an open instance of EC2 for the Website and a private instance of EC2 for the database.

First, I read a few posts indicating that the best way to move the Website is to use Godaddy's controls to transfer the domain (through 301) to the AWS website. Others seem to indicate that I should just make domain servers right on the AWS website. What are the advantages / disadvantages of each approach? Which approach is better?

I am currently using the domain forwarding method. However, for Godaddy, this apparently only sends HTTP requests, not HTTPS requests (they get the error "This page is unavailable"). Is there a way to redirect the HTTPS address to AWS and save (reuse?) The SSL certificate? What do I need to do with SSL certificate? If I need a new SSL certificate, how can I connect it to a domain hosted by Godaddy, but point it to the AWS Website?

I am new, so please explain in detail. Thank you

+8
source share
2 answers

I usually set things up this way:

  • Register for AWS Route53 DNS and point it out. I prefer this because it is easy to display AWS resources like S3 etc. In DNS, if we use Route53. Howto
  • Use Elastic Beanstalk instead of manually configuring EC2 and ELB and install SSL certificates on Beanstalk / ELB. Howto
  • Handle https redirection in your application server configuration. Howto

Your current “Forwarding (301)” https to AWS approach using Godaddy does not work. Godaddy forwarding occurs on the forwarding web server (not at the DNS level). Therefore, if they must accept the https connection and forward, then they need a certificate for this, and obviously they do not have your domain certificate. So the only help godaddy will provide is to forward the http to where you need it. I usually use this to “park” additional domains, not the main domain (say, xyz.net, xyx.co, etc. On xyz.com, where .com is the main domain). Here, users do not go and type https explicitly, and therefore they practically work.

Now for the main domain they need to enter https (or redirect them to https). In this case, you need to perform a CNAME or A-record match. This can be done on Route53 (aws) or on Godady itself by changing the DNS records (rather than 301 redirects). Long explanations, hope this clarifies!

+13
source

There are several questions for this post:

First, I read a few posts that the best way to move a Website is to use Godaddy controls to forward the domain (through 301) to the AWS website. Others seem to indicate that I should just make domain servers directly to the AWS site. What are the advantages / disadvantages of each approach? Which one is better?

One of the advantages of having 301 is that if you have a new address, it allows your users to find that new address using the old address. The disadvantages are that there is a bit of delay in the request, because you go through two jumps instead of one, and you can also give a little “ping ponging” feeling to the user. However, this is an option if you want to redirect from HTTP to HTTPS

The benefits of not using redirects are that it is faster, but also if you have an old address, people may not be able to find it.

I am currently using the domain forwarding method. However, for Godaddy, it seems to only redirect HTTP requests, not HTTPS (they get the error "This page is not available"). Here's a way to redirect an HTTPS address to AWS and save (rekey?) An SSL certificate? What do I need to do with SSL certificate? If I need a new SSL cert, how can I connect it to a domain hosted by Godaddy, but point it to the AWS Website?

Redirecting from HTTP to HTTPS has nothing to do with your domain registrar (i.e.GoDaddy). This usually happens at the firewall, load balancer, or application level. It depends on your architecture and how you want to use the application. For instance,

  • If you have a firewall or a set of firewalls exiting the application, you can redirect all traffic from port 80 (HTTP) to port 443 (HTTPS).
  • Another way is to transfer the application using a web server such as Apache or nginx, and redirect all port 80 traffic to 443 (this is perhaps the most common option, in which case the certificates will be installed on the web server).
  • Another way is to have application servers running on both 80 and 443, and then send the application server on port 80 to send everything to port 443 (not so often). In this case, the certificates will be installed in the main application running on port 443)
  • In addition, you can also configure redirects at the load balancing level. In this case, you do not need HTTPS between the load balancer and the application server, since the load balancer itself handles HTTPS traffic (suppose that your application server is on some private network). Please note that Amazon ELBs do not support redirects. This option will be available on hardware load balancers such as Brocade ADX or Citrix Netscaler or software balancers such as HAproxy.

Hope this helps.

[change]

There are some domain registrars that allow you to configure HTTP redirection (a 301). However, as I said, this is not a DNS function as such. For example, dynect allows you to do this:

Dynect sample

0
source

More articles:


All Articles