SO I have a domain pointed into a cPanel. Now I wanted my emails to be hosted in cPanel but my website files should serve from AMAZON AWS EC2. So I changed the A record in the cPanel and it works fine. Now I have to make the website serve with HTTPS. Can anyone help me with that ?
I have created a certificate using Amazon certificate manager.
2
Answers
You cannot use a certificate created with ACM on EC2 directly.
Instead, you need to put your instance behind a load balancer (either the ELB classic or the ALB) and then deploy the ACM cert to the load balancer.
You will also need to change the DNS record from an A record point to the IP address to a CNAME that points at the load balancer name.
Another option would be to use Let’s Encrypt on the instance to generate the cert.
Your other option would be to purchase a commercial cert & deploy it to the instance.
AWS Certificate Manger can only be implement with Load Balancer only.
It does not provide you option to download the certificate keys and map with any machine]
TO map your domain with HTTPS you will need to create Elastic Load Balancer CLB/ALB (I would prefer you to create ALB load balancer).
Map your CLB/ALB with ACM for port 443 and add your Instance with create ELB.
FYI: For ALB you will have to create Target group.
Pros: It is cheap and very secure as well, it does provide you TLS Security Policy version.
Reference: https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-policy-table.html
References to Create ACM and Load Balancer:
https://hackernoon.com/getting-a-free-ssl-certificate-on-aws-a-how-to-guide-6ef29e576d22