I have been trying to figure out how to implement SSL with websites hosted on Amazon S3 for a few weeks now. Finally, I think I figured it out. Well the first challenge was getting Cloudfront to work with my S3 bucket. What was causing it to fail is selecting the wrong Origin Domain Name when creating a new distribution. When you click on the text box, Amazon lists recognized S3 buckets. Do not pick from the list. Instead, copy and paste the endpoint URL found in the properties of the bucket.
Once I started to see data when I generated reports in Cloudfront, I knew I did it right this time. The next step is get the SSL certificate in Amazon IAM. Once you upload it, it will be available in the dropdown list in Cloudfront to be selected. It’s a long and tedious process with some trial and error, but I think it’s worth it to increase browsing security for the website.
A couple of things that I’m still working on are:
- Ensure Disqus comments are not broken. If you are having issues, please let me know.
Why implement SSL?
- The main reason why we implemented it is to allow a secure connection from your browser to our website. There are many companies out there secretly injecting tracking scripts to its customers/users. Why? Well, to make money off you, of course. I’m hoping to reduce the effectiveness of such practices. http://arstechnica.com/security/2014/10/verizon-wireless-injects-identifiers-link-its-users-to-web-requests/
- Google plans to increase search result ranking for websites using HTTPS. http://arstechnica.com/security/2014/08/in-major-shift-google-boosts-search-rankings-of-https-protected-sites/
- I was curious about how it works and its implementation so I decided to do it on our own website.