how to enable (https) SSL certificate AWS EC2 hosted site

Question

So far i did below configuration.

1. I hosted my site on EC2 AWS machine. Public ip and public DNS.
2. I can access my website by ip as well as public DNS.
3. I purchased domain name from GoDaddy. www.xxtrasc.com
4. On AWS I created Hosted Zone then map www.app.xxtrasc.com successfully.

Now i access my website directly www.app.xxtrasc.com

Next want to enable https

1. On AWS Certificate Manager order certificate with domain name *.xxtrasc.com Did everything to add CNAME and all. I can see status gree colored Issued on ACM.

Now how i can attached this certificate to my web site so that i can access https://www.app.xxtrasc.com

Answer 1

You cannot use ACM to directly install your ACM Certificate on your AWS based website or application https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-install.html You must use one of the following services:

1. Elastic Load Balancing
2. Amazon CloudFront
3. AWS Elastic Beanstalk
4. Amazon API Gateway
5. AWS CloudFormation Please read the official doc : https://docs.aws.amazon.com/acm/latest/userguide/acm-services.html So to install the certificate directly under apache2/nginx configuration you need to obtain the certificate from other third parties like Lets Encrypt, GoDaddy etc. you can read about that here - https://in.godaddy.com/help/manually-install-an-ssl-certificate-on-my-apache-server-centos-5238

On AWS I recommend using an ELB an placing your EC2 instances behind this ELB. This will allow you to select your ACM certificate from ELB itslef. Please read following doc to use classic load balancer with HTTPS https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-server-cert.html

Answer 2

If you want to enable SSL on your site, you need to purchase SSL certificate. You can purchase it with Godaddy and then setup it on AWS server. Without SSL certificate, your https site won't work.