HTTPS Setup with Namecheap and AWS

13/July/2017 by Valkryst

This guide assumes that you have a domain name registered through Namecheap and that you have a static website hosted on AWS S3 using both AWS Route53 and AWS CloudFront.

Amazon has a guide that explains how to set up a static website using their services.

All mentions of example.com and www.exampke.com should be replaced with the domain of your website, so for me this would be valkryst.com and www.valkryst.com.

Steps

  1. If you're using WhoisGuard with your Namecheap domain, then follow this guide to change the "Forward to" email address to "Registrant Email". This is required to ensure that any emails sent to the WhoisGuard email address will be forwarded to the email you used when registering your domain.

  2. Follow this guide to request a SSL certificate through AWS Certificate Manager. I recommend adding both the www.example.com and example.com versions of your domain to the certificate.

  3. Log-in to AWS, navigate to the AWS CloudFront service, and click on the ID of the distribution associated with your domain.

  4. In the General tab, click on the Edit button. In the Alternate Domain Names text box, enter example.com on one line and www.example.com on another. Under SSL Certificate, ensure that you've selected Custom SSL Certificate and that it's set to use the certificate created in step #2, then save your changes.

  5. In the Origins tab, select the origin, and click the Edit button. Set the Origin Domain Name to point to the AWS S3 bucket in which your static site is located, then save your changes.

  6. In the Behaviors tab, select the behavior, and click the Edit button. Under Viewer Protocol Policy, select Redirect HTTP to HTTPS, then save your changes.

  7. In your hosted zone on AWS Route53, assuming you already have A Record Sets for both example.com and www.example.com. Click on each A record and change the Alias Target to point to your AWS CloudFront distribution instead of point to your S3 website endpoints. If you're using AAAA records as well, then they must also be changed.

  8. This is not a required step, but I recommend enabling HTTP/2 support for your domain if you haven't already done so. You can learn more about HTTP/2 at the previous link and at this link.

You may need to wait a few minutes for your AWS CloudFront distribution to propigate updates. When the updates are complete, you'll see the Distribution Status, on the General tab, change from InProgress to Deployed.