SSL for default Amazon EC2 domain

Question

I'm running a EC2 instance with Amazon Linux. My public URL is like :

my-url-prefix.us-west-2.compute.amazonaws.com

. I need SSL for a specific reason. My question is this:

Is there any way to add SSL for the domain "my-url-prefix.us-west-2.compute.amazonaws.com"? What is the process of doing so?

Like OpenShift.com, is there any way of getting a HTTPS for the ec2 instance? Like https://the-maevjay.rhcloud.com/

Answer 1

I've been searching around for a solution in 2023, the easiest way I found to resolve this is by running your ALB/ELB behind CloudFront, which (unlike ALB) gives you a TLS certificate by default:

User -> CloudFront edge location (HTTPS) -> ALB (HTTP) -> Backend (HTTP)

Although CloudFront incurs extra costs, apart from the ability to cache static content, CloudFront gives you faster TLS termination, which happens at its edge locations, thus reducing latency on the first two TLS handshake roundtrips.

Answer 2

As Matt Houser answered, you can't obtain an SSL certificate for the amazonaws.com domain. You need to obtain a domain and get the certificate for that.

Per the official docs:

"If you plan to use your EC2 instance to host a public web site, you need to register a domain name for your web server or transfer an existing domain name to your Amazon EC2 host."

If you have a domain, the process isn't exactly straightforward but is well documented. Assuming you are using Apache Web Server, you can follow the instructions from here:

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html

Answer 3

No.

Amazon owns the amazonaws.com domain. So you cannot obtain an SSL certificate for that URL. Doing so would defeat the purpose of the certificate authority.