Configure HTTPS on Amazon EC2

Question

Configure HTTPS on Amazon EC2

How to enable HTTPS in Amazon EC2? Our site is working on HTTP.

+70

https amazon-ec2

Muhammed Asharaf Mar 15 2018-11-11T00: 00Z

source share

8 answers

Daniele Dellafiore · Answer 1 · 2011-06-06 14:24

First you need to open the HTTPS port (443). To do this, go to https://console.aws.amazon.com/ec2/ and click on the Security Groups link on the left, then create a new security group with HTTPS available. Then simply update the security group of the working instance or create a new instance using this group.

After these steps, your EC2 work is completed, and all application problems.

DigaoParceiro · Answer 2 · 2018-05-02 01:11

This answer is for anyone who buys a domain on another site (e.g. GoDaddy) and wants to use a free Amazon certificate with Certificate Manager.

This answer uses the Amazon Classic Load Balancer (paid) , check the pricing before using it.

Step 1 - Request a Certificate with Certificate Manager

Go to Certificate Manager> Request a Certificate> Request a Public Certificate

In *.myprojectdomainname.com Domain Name, add myprojectdomainname.com and *.myprojectdomainname.com and go to the next.

Select confirmation email and confirm request

Open the email you received (in the email account in which you purchased the domain) and confirm the request.

After that, check if the verification status myprojectdomainname.com and *.myprojectdomainname.com successful, if successful, you can go to step 2.

Step 2. Create a security group for the load balancer

On EC2, go to Security Groups> and create a security group and add inbound http and https

It will be something like:

Step 3 - Create a Load Balancer

EC2> Load balancer> Create load balancer> Classic load balancer (third option)

Create LB inside - vpc of your project On the load balancing protocol add Http and Https

Next> Select Exit Security Group

Select the security group that you created in the previous step.

Next> Select a Certificate from ACM

Select Step 1 Certificate

Next>

I used the ping / path to check the health (one slash instead of /index.html)

Step 4 - Link Your Instance to the Load Balancer Security Group

EC2> Instances> click on your project> Actions> Network> Change Security Groups

Add the security group of your load balancer

Step 5

EC2> Load balancer> Click on the created load balancer> copy the DNS name (record A), it will be something like myproject-2021611191.us-east-1.elb.amazonaws.com

Go to Route 53> Route Zones> click on the domain name> Go to recordsets (if you do not have your own domain here, create a hosted zone with Domain Name: myprojectdomainname.com and Type: Public Hosted Zone )

Check if you have record type A (probably not), create / edit a set of records with an empty name, enter A, alias Yes and select the destination DNS that you copied

Also create a new recordset of type A , the name *.myprojectdomainname.com , the alias Yes, and Target your domain (myprojectdomainname.com). This will allow access to your site using www.myprojectdomainname.com and subsite.myprojectdomainname.com. Note. To do this, you need to configure a reverse proxy server (Nginx / Apache).

On NS, copy the values of 4 name servers for use in the next step, it will be something like:

ns-362.awsdns-45.com ns-1558.awsdns-02.co.uk ns-737.awsdns-28.net ns-1522.awsdns-62.org

Go to EC2> Instances> And copy the public IPv4 too

Step 6

On the domain registration site on which you bought the domain (in my case, GoDaddy)

Change the routing to http: <Your IPv4 Public IP Number> and select Forward with masking.

Change the Name Servers (NS) to 4 NS that you copied, it may take 48 hours

Geoff Appleford · Answer 3 · 2011-03-15 11:21

Amazon EC2 instances are just virtual machines, so you must configure SSL the same way you would on any server.

You did not mention which platform you are on, so it’s difficult for you to give more information.

Peter Hulsen · Answer 4 · 2011-03-15 10:37

Use Elastic Load Balacing , it supports SSL termination on the load balancer, including offloading SSL decryption from application instances and centralized management of SSL certificates.

Tomer Ben David · Answer 5 · 2018-07-15 03:51

There should also be an answer for people who need hassle free https on ec2 for mainly demo and test purposes, one way to achieve this very quickly:

With my answer here, which describes how you can achieve https for testing in minutes with EC2 without the hassle of creating certificates

Hello W · Answer 6 · 2019-01-08 22:20

Old question, but another option worth mentioning in the answers. If your domain’s DNS was defined in Amazon Route 53, you can use the Amazon CloudFront service in front of your EC2 and attach Amazon’s free SSL certificate to it. Thus, you will benefit both from having a CDN for faster content delivery, and from protecting your domain with HTTPS.

Mustafa · Answer 7 · 2017-08-22 08:28

One of the best resources I've found is to use encryption, you do not need ELB or cloudfront for your EC2 instance with HTTPS, just follow these simple instructions: enable encryption Log in to your server and follow the steps in the link.

It is also important, as others have mentioned, that you opened port 443 by editing your security groups.

You can view your certificate or any other site by changing the name of the site in this link

Please do not forget that it is valid only for 90 days.

Bhushan · Answer 8 · 2018-05-08 08:18

You can also use the Amazon API Gateway . Place the application outside the Gateway API. Please check this FAQ.

Configure HTTPS on Amazon EC2

More articles: