- Create dockerized NextJS app - part 1
- Deploy dockerized app to AWS EB - previous part
- Connect domain to Route53
- Set up SSL
- Set up redirects - next part
In this part we are going to connect custom domain to our Elastic Beanstalk application (to make website url fancy, like
mysuperwebsite.com), obtain SSL certificate for our website and set up secure https connection to our website!
Everything in here is within AWS Free tier (except for domain, which can be bought for as cheap as $1).
Also please pay attention that all links to AWS I provide use my region of choice, if you're using different AWS region make sure to change it before making any changes!
Lets get started =))
This step requires you to have, guess it, custom domain.
First thing we need to do is to create a new hosted zone:
- Open Route53 console page and click
Create hosted zone
- Fill in domain name (optionally description), in my case it is
- Select Type -
Public hosted zoneand click
Create hosted zone
Now we need to visit our domain registrar and change domain nameservers.
I'm using Namecheap but the process should be similar for every domain provider: place each value of NS record (from AWS Hosted zone) to Domain registrar nameservers
It can take up to 48 hours to register new nameservers.
To access website using our domain we need to add two alias records of type A: one for our main domain (borisnovikov.xyz) and the other is for subdomain (www website version):
- On Hosted zone page click
- Record type -
- Route traffic to - Beanstalk, then select region and environment
Same for www but add
www prefix to
Record name field.
Wait a few minutes and voi la - our website is now accessible with our domain
To set up SSL we need to obtain SSL certificate:
- Visit AWS Certificate Manager.
Request a certificate
- Add two domain names: one for your website and the other for www version
Here I added wildcard domain (*.borisnovikov.xyz) - it will cover all subdomains including www or any other.
DNS Validation and keep clicking
Because we delegated domain management to AWS by setting nameservers, we need to validate ownership by expanding any domain and clicking
Create record in Route 53. Click
SSL certificate will be issued after a while (it can take up to 48 hours - usually within 30 minutes after nameservers delegation is completed).
Next step is to add https listener to load balancer.
First we need to modify Load Balancer security group to allow secure connections:
- Open EC2 Dashboard
- In sidebar click Load Balancers
- Select your Load balancer and scroll down
- Copy security group name and open link near it
On the Security groups page search the page (Ctrl+F in most browsers) for security group name you copied earlier, click on Security group ID.
On opened page click
Edit inbound rules, then click
HTTPS Type, Source -
Anywhere IPv4, save rule and close the page.
Now we will set https listener:
- On Load Balancers page select your load balancer
Listenerstab and copy default rule for HTTP listener (forwarding to ...)
- Click button
HTTPSprotocol from the dropdown
- From the
Target groupdropdown select the same group you copied earlier from HTTP listener default action
Security policydropdown select suitable policy (default
ELBSecurityPolicy-2016-08policy is recommended). More about policies here
Default SSL Certificateyou created earlier.
Tada! You can now access your website via https protocol =)
Thanks for reading.