DEV Community

Cover image for Convert http to https in AWS
Darshil Mahraur
Darshil Mahraur

Posted on

Convert http to https in AWS

Upgrade Your EC2 Instance: A Step-by-Step Guide to Securing Your Site with HTTPS!


Overview

To secure the public URL provided by a load balancer when connecting to an EC2 instance within the same VPC, it’s crucial to follow a structured approach. Start by acquiring a registered domain name from a trusted provider like GoDaddy. Next, configure your EC2 instance to function behind an Application Load Balancer (ALB) within the same VPC. Upload your domain to AWS Certificate Manager to obtain a verified SSL/TLS certificate. Finally, integrate this certificate into Route 53 and map it to your load balancer. This setup not only secures your connection but lays the foundation for seamless and reliable traffic management. Let’s dive deeper into the steps—you’re just a few clicks away from an airtight setup!

Prerequisite

  • Domain Name Registration
    Obtain a domain name from a trusted third-party provider say GoDaddy for mapping your load balancer's public URL.

  • Integration with ALB
    Ensure your EC2 instance is connected to an Application Load Balancer within the same VPC to manage traffic securely and efficiently.
    You can attain this by referring to this Linkedin post.

Steps

Step 1: Verify Your Domain with AWS Certificate Manager

  • Go to AWS console and select ACM.
  • Request a new certificate and keep it public.

Requesting Certificate

  • Here enter your domain name and keep the setting as selected below. By selecting DNS validation you will get the cname and and it's value.

Enter Domain Name

  • Copy paste the cname and value to Go Daddy DNS Records. By doing this the certificate will get verified in few minutes.

CNAME

Once your certificate is successfully issued, the AWS Certificate Manager (ACM) process is complete.

Step 2: Configure Route 53 and Update Nameservers in GoDaddy

  • Go to AWS Route53 and create your hosted zone with your domain and keep it public zone.

AWS Route53

  • Once the zone is created you will get NS records as shown.

Get NS Records

  • Go to Go Daddy and select nameservers and then change nameservers.
  • Select the option 'I'll use my own nameservers' and paste the nameserver we got previously from Route53.

Copy ns records from Route53

Once this is done then your Go Daddy will no more responsible for managing your nameservers. It will look something like this.

Go Daddy Console

Once this is successfully done, the AWS Route53 process is complete.

General Knowledge

Nameservers are part of the Domain Name System (DNS) that translate domain names (like example.com) into IP addresses that computers use to identify each other. They are essential because they direct internet traffic to the correct server, ensuring users can access your website or application seamlessly.
Amazon Route 53 is a scalable DNS web service that connects user requests to internet resources like websites or applications. It manages domain names, routes traffic efficiently, and integrates with AWS services to provide secure, reliable, and highly available routing.

Step 3: Connect your Route53 to Application load balancer.

  • Create a A record for your domain to connect your Route53 to Application Load Balancer and select 'switch to wizard'

Creating 'A' record

  • Select simple routing and proceed.

Simple Routing

  • Select 'Define Simple Record' and a pop up menu will appear like this.

Simple Record

  • Select Application and Classic Load Balancer , the region where it is located and choose the load balancer you have created previously.

Select these options

Once completed, you'll be able to connect your application using your IP address, but only via HTTP, not HTTPS.

Step 4: Final Step (Make it Https)

  • Go to Certificate Manager , select your issued certificate and click 'Create record in Route53'. This will link a cname record of this certificate with Route53.

Linking certificate to route53

  • Now link the certificate to the load balancer. Go to your load balancer and add a listener for HTTPS:443.

  • Under Secure listener settings link your issued certificate from ACM.

Linking certificate to Load Balancer

Once completed, you'll be able to connect your application using HTTPS.

Conclusion

Congratulations! 🎉 You have successfully completed the HTTP to HTTPS tutorial. Your website is now securely encrypted, providing a safer browsing experience for your users. Great job!

Result

Additionals

  • Make sure your security groups inbound rules are accepting https traffic.
  • You can redirect your http traffic to https in the rules section.

Top comments (11)

Collapse
 
devansh_aryan_4135a9bccd8 profile image
DEVANSH ARYAN

Great Blog

Collapse
 
areebahmeddd profile image
Areeb

Well written. i remember when my team had this problem in azure and you gave us the shortcut method of getting https on azure issued uri :p

Collapse
 
darshil89 profile image
Darshil Mahraur

Thank you areeb , I'll make a new blog explaining the steps to proceed on Azure.

Collapse
 
skysingh04 profile image
Akash Singh

Very well written!

Collapse
 
khushi_tanwar_e520df5b7e1 profile image
Khushi Tanwar

Very Insightful

Collapse
 
pushpa_pandey_2 profile image
Pushpa Pandey

Great

Collapse
 
madhurika_priya_f7c7858c2 profile image
Madhurika Priya • Edited

Very Informative Blog

Collapse
 
haideraqeeb profile image
Md Raqeeb Haider

Very interesting and insightful.

Collapse
 
gautam_shorewala_9bd5e31e profile image
Gautam Shorewala

Very informative and insightful blog

Collapse
 
sai_chaitrika_9151ddf2468 profile image
Sai chaitrika

Great work! Keep going…

Collapse
 
hansasingh profile image
Hansa

Very interesting and informative!