Adding HTTPS to Your AWS Beanstalk App
So you've successfully deployed your application to AWS Elastic Beanstalk, but there's one small hurdle: it's currently accessible only through the HTTP protocol. Not to worry, we'll guide you through the process of securing your app and displaying it under HTTPS on your domain.
Why HTTPS Matters
HTTPS (Hyper Text Transfer Protocol Secure) is the secure version of HTTP, providing encryption and data integrity to your website. It ensures that information exchanged between the user and the website is encrypted, safeguarding against potential security threats like data breaches and man-in-the-middle attacks.
Having your website accessible through HTTPS not only enhances security but also builds trust with your users. Visitors are more likely to engage with your app when they see that their connection is secure.
Steps to Enable HTTPS for Your AWS Beanstalk App
Step 1: Obtain an SSL Certificate
To enable HTTPS for your domain, you need an SSL (Secure Sockets Layer) certificate. AWS provides an easy way to obtain and manage SSL certificates using AWS Certificate Manager (ACM).
-
Navigate to AWS Certificate Manager (ACM):
- Go to the AWS Certificate Manager Console.
-
Request a Public Certificate:
- Click on "Request a certificate".
- Choose "Request a public certificate".
- Enter your domain name (e.g.,
example.com
and*.example.com
for a wildcard certificate). - Follow the prompts to complete the request using DNS validation.
Step 2: Configure HTTPS in AWS Beanstalk
-
Open Elastic Beanstalk Console:
- Navigate to the Elastic Beanstalk Console.
-
Select Your Environment:
- Select the environment you want to configure for HTTPS.
-
Modify Environment Configuration:
- Click on "Configuration" in the left-hand menu.
- Under the "Load balancer" category, click "Edit".
-
Add HTTPS Listener:
- Scroll down to the "Listeners" section.
- Add an HTTPS listener on port 443.
- For "SSL certificate", select the SSL certificate you requested from ACM.
-
Save Changes:
- Apply the changes and wait for the environment to update.
Step 3: Update Security Groups for HTTPS
Ensure that your security group settings allow inbound HTTPS traffic:
-
Navigate to the EC2 Console:
- Go to the EC2 Console.
-
Select Security Groups:
- Find the security group associated with your Elastic Beanstalk environment.
-
Edit Inbound Rules:
- Add a new rule to allow HTTPS traffic:
- Type: HTTPS
- Protocol: TCP
- Port Range: 443
- Source: Anywhere (0.0.0.0/0) or specify a more restricted IP range if needed.
- Add a new rule to allow HTTPS traffic:
-
Save the Rules.
Step 4: Update DNS Settings
Point your domain to your Elastic Beanstalk environment:
-
Get Your Elastic Beanstalk Environment URL:
- Note the URL of your Elastic Beanstalk environment (e.g.,
my-app-env.elasticbeanstalk.com
).
- Note the URL of your Elastic Beanstalk environment (e.g.,
-
Log in to Your DNS Provider:
- Log in to the DNS management console of your domain registrar (e.g., GoDaddy, Namecheap, Cloudflare).
-
Create a CNAME Record:
- Create a new CNAME record pointing to your Elastic Beanstalk environment URL.
- For example:
- Name:
www
(or@
for the root domain if your provider allows) - Type:
CNAME
- Value:
my-app-env.elasticbeanstalk.com
- Name:
-
Save the DNS Record and wait for the changes to propagate.
Step 5: Validate HTTPS Setup
Once the changes are applied, access your application using the HTTPS protocol. Verify that your website loads correctly without any security warnings or errors. You can use online tools like SSL Labs to check the SSL configuration.
Securing your AWS Beanstalk app with HTTPS is a vital step towards establishing a safe and reliable web presence. By following the outlined steps and embracing HTTPS, you can elevate the security of your application and provide users with a secure browsing experience.