Upgrade Your EC2 Instance: A Step-by-Step Guide to Securing Your Site with HTTPS!
Overview
To secure the public URL provided by a load balancer that fronts an EC2 instance within the same VPC, it’s crucial to follow a structured approach. Start by acquiring a registered domain name from a trusted provider like GoDaddy. Next, configure your EC2 instance to function behind an Application Load Balancer (ALB) within the same VPC. Request a public SSL/TLS certificate for your domain in AWS Certificate Manager (ACM) and validate it through DNS. Finally, point your domain at the load balancer in Route 53 and attach the certificate to an HTTPS listener on the load balancer. This setup not only secures your connection but lays the foundation for seamless and reliable traffic management. Let’s dive deeper into the steps; you’re just a few clicks away from an airtight setup!
Prerequisite
Domain Name Registration
Obtain a domain name from a trusted third-party provider, such as GoDaddy, to map to your load balancer's public URL.
Integration with ALB
Ensure your EC2 instance is connected to an Application Load Balancer within the same VPC to manage traffic securely and efficiently.
You can set this up by referring to this LinkedIn post.
Steps
Step 1: Verify Your Domain with AWS Certificate Manager
- Go to the AWS console and select ACM.
- Request a new certificate and keep it public.
- Enter your domain name and select DNS validation. ACM then gives you a CNAME record name and its value.
- Copy the CNAME name and value into your GoDaddy DNS records. The certificate will be verified within a few minutes.
Once your certificate is successfully issued, the AWS Certificate Manager (ACM) process is complete.
Step 2: Configure Route 53 and Update Nameservers in GoDaddy
- Go to AWS Route 53 and create a hosted zone for your domain, keeping it a public zone.
- Once the zone is created, you will get its NS records.
- Go to GoDaddy, select nameservers, and then choose to change nameservers.
- Select the option 'I'll use my own nameservers' and paste the nameservers you got from Route 53.
Once this is done, GoDaddy will no longer be responsible for managing your nameservers.
Once this is successfully done, the AWS Route53 process is complete.
General Knowledge
Nameservers are part of the Domain Name System (DNS) that translate domain names (like example.com) into IP addresses that computers use to identify each other. They are essential because they direct internet traffic to the correct server, ensuring users can access your website or application seamlessly.
Amazon Route 53 is a scalable DNS web service that connects user requests to internet resources like websites or applications. It manages domain names, routes traffic efficiently, and integrates with AWS services to provide secure, reliable, and highly available routing.
Step 3: Connect Route 53 to the Application Load Balancer
- Create an A record for your domain to connect Route 53 to the Application Load Balancer, and select 'switch to wizard'.
- Select simple routing and proceed.
- Select 'Define Simple Record'; a pop-up menu will appear.
- Select Application and Classic Load Balancer, the region where it is located, and the load balancer you created previously.
Once completed, you'll be able to connect to your application using your IP address, but only via HTTP, not HTTPS.
Step 4: Final Step (Make it HTTPS)
- Go to Certificate Manager, select your issued certificate, and click 'Create record in Route53'. This creates the certificate's validation CNAME record in your Route 53 hosted zone, which is needed because Route 53, not GoDaddy, now answers DNS queries for the domain.
Now link the certificate to the load balancer. Go to your load balancer and add a listener for HTTPS:443.
Under Secure listener settings, select your issued certificate from ACM.
Once completed, you'll be able to connect to your application using HTTPS.
Conclusion
Congratulations! 🎉 You have successfully completed the HTTP to HTTPS tutorial. Your website is now securely encrypted, providing a safer browsing experience for your users. Great job!
Additionals
- Make sure your security group's inbound rules accept HTTPS traffic (port 443).
- You can redirect your HTTP traffic to HTTPS in the listener's rules section.
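One way to check the result of Step 4 and the redirect tip above, as an added example (not code from the original post): a Python audit of saved `aws elbv2 describe-listeners` JSON output. The sample listeners and placeholder ARNs are constructed, and only each listener's default action is inspected, not its additional rules.

```python
import json
import sys

def audit_listeners(doc, expected_cert_arn=None):
    """Return findings for `aws elbv2 describe-listeners` JSON; an empty list means OK."""
    findings = []
    listeners = doc.get("Listeners", [])
    https443 = [l for l in listeners
                if l.get("Protocol") == "HTTPS" and l.get("Port") == 443]
    if not https443:
        findings.append("no HTTPS listener on port 443")
    for l in https443:
        arns = [c.get("CertificateArn") for c in l.get("Certificates", [])]
        # Confirm the listener carries the certificate issued in Step 1.
        if expected_cert_arn and expected_cert_arn not in arns:
            findings.append("HTTPS:443 is not using the expected certificate")
    for l in (x for x in listeners if x.get("Protocol") == "HTTP"):
        actions = l.get("DefaultActions", [])
        # Plain HTTP is acceptable only if its default action redirects to HTTPS.
        redirects = bool(actions) and all(
            a.get("Type") == "redirect"
            and a.get("RedirectConfig", {}).get("Protocol") == "HTTPS"
            for a in actions)
        if not redirects:
            findings.append(f"HTTP:{l.get('Port')} does not redirect to HTTPS")
    return findings

def _listener(port, protocol, action, cert=None):
    """Constructed listener entry with placeholder ARNs (not values from the article)."""
    entry = {"Port": port, "Protocol": protocol, "DefaultActions": [action]}
    if cert:
        entry["Certificates"] = [{"CertificateArn": cert}]
    return entry

CERT = "arn:aws:acm:REGION:ACCOUNT:certificate/EXAMPLE"  # placeholder
FORWARD = {"Type": "forward", "TargetGroupArn": "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/EXAMPLE"}
REDIRECT = {"Type": "redirect",
            "RedirectConfig": {"Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}

AFTER_STEP_3 = {"Listeners": [_listener(80, "HTTP", FORWARD)]}
AFTER_STEP_4 = {"Listeners": [_listener(80, "HTTP", FORWARD),
                              _listener(443, "HTTPS", FORWARD, CERT)]}
WITH_REDIRECT = {"Listeners": [_listener(80, "HTTP", REDIRECT),
                               _listener(443, "HTTPS", FORWARD, CERT)]}

if __name__ == "__main__":
    # Audit a saved CLI output file if one is given, otherwise the constructed samples.
    docs = {"after step 3": AFTER_STEP_3, "after step 4": AFTER_STEP_4,
            "with redirect": WITH_REDIRECT}
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            docs = {sys.argv[1]: json.load(fh)}
    for name, doc in docs.items():
        print(name, audit_listeners(doc) or "OK")
```

The "after step 4" sample shows why the redirect matters: the HTTPS listener is in place, but the HTTP:80 listener still forwards unencrypted traffic until its default action is changed to a redirect.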
Top comments (6)
Well written. I remember when my team had this problem in Azure and you gave us the shortcut method of getting HTTPS on an Azure-issued URI :p
Very well written!
Great Blog
Great
Very Informative Blog
Very Insightful