In our last blog we created S3 bucket, Route 53 Domain name for our static website.
Now we will create SSL certificate from ACM and CloudFront Distribution to make the website secure and user-friendly with respect to domain name system.
If you want to refer part 1 of this blog click “here” (to Navneet – add link of part 1 blog shared with you for the month of Sept 2023.)
Step 3 : SSL certificate request in ACM. (5 mins)
Now we will create SSL Certificate from AWS ACM.
Navigate to ACM Console, click on “request certificate”, “Request a public certificate”.
In the Fully qualified domain name, enter the website name. Eg : I have tre****.com, then the fully qualified domain name will be “tre****.com”, www.tre****.com
You can select validation method as per your convenience. I am selecting Email Validation as I am having access to the admin emails of respective domain.
Keep rest of the settings as default and create a request.
The console will appear as follows :
Since we have selected Email Validation, we will receive a mail to approve the certificate at prefix@tre****.com.
Prefix : firstname.lastname@example.org, admin@, administrator@, hostmaster@, postmaster@, webmaster@
Eg : admin@tre****.com
After approving the same, we will get console with “Issued” under Status in ACM Console.
Step 4 : Create CloudFront Distribution. (5 mins)
Amazon CloudFront is a renowned content delivery network (CDN) that effectively caches content on a globally dispersed network of proxy servers operated by Amazon. Subsequently, it intercepts user requests and directs them to the nearest proxy server. However, the DNS names generated by CloudFront lack memorability and user-friendliness. Ideally, it is advisable to associate this distribution with a custom domain name hosted on Route 53, which we possess.
Now create a CloudFront Distribution. Navigate to CloudFront console, click on Create Distribution.
Copy the static website URL from S3 bucket.
eg : http://tre****static.com.s3-website-us-east-1.amazonaws.com
From CloudFront Distribution, in “Origin Domain”, paste the URL copied from S3 (without https://)
Under “Default Cache Behaviour”, select “Redirect HTTP to HTTPS” in viewer protocol policy.
Under “Web Application Firewall”, select “Do not enable security protections”.
Add “Alternate Domain Name” under section “Settings”. I am adding “tremyda.com”, so I can access the website using tremyda.com from browser.
Select SSL certificate from browser which we created using AWS ACM.
And click on “Create Distribution”.
It will take almost 15-20 mins for the CloudFront Distribution to deploy.
Once it is deployed we will get the corresponding status in Console.
In the meanwhile, navigate to Route 53 console and create a records as per following details
- Record Name : keep blank
- Record Type : A record
- Alias : Enabled
- Route traffic to : Alias to CloudFront Distribution
- Your CloudFront DNS will appear in dropdown
- Routing Policy : Simple routing
And click on Create Record.
The CloudFront Distribution will be up and running. The same will be appearing in the console under tab “Status”.
Now you can access the website using CloudFront Distribution Domain Name and Alternate Domain Name
Estimated cost of the services used