AWS EC2 instance doesn't response using HTTPS

Question

I have AWS EC2 instance that sends the response using HTTP. The URL link is as below:

http://ec2-18-233-225-132.compute-1.amazonaws.com:3030/api/status

This works fine with the. S3 bucket after the deployment, but, the Cloudfront blocks request that are not comes using HTTPS. How do I make sure that HTTPS also work with this URL:

https://ec2-18-233-225-132.compute-1.amazonaws.com:3030/api/status

Thanks.

Answer 1

ec2-18-233-225-132.compute-1.amazonaws.com domain belongs to AWS, not you. This means that you can't have valid SSL certificate for it. You must have your own domain if you want to enforce https between CF and EC2.

Once you get your domain, you can use https://letsencrypt.org/ to get valid free SSL cert for it. Alternatively, you can front your instance with a load balancer, and get free SSL cert for your domain using AWS ACM. Then you associate the SSL cert with the LB.

Answer 2

For cloudfront https handling: Create certificate in ACM. Update cloudfront distribution to use that certificate and set ssl/TLS. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https-procedures.html#cnames-and-https-updating-cloudfront

for EC2 https handling: You need to open HTTPS port (443). To do that, you go to https://console.aws.amazon.com/ec2/ and click on the Security Groups link on the left, then create a new security group with also HTTPS available. Then, just update the security group of the instance.

After these steps, if it's still not working it is an application problem.