Back in February I wrote a post detailing 3 Ways to Secure your Website for Free. Well since then I have been using only one method to secure the API’s and Websites my team and I have been building.
We use AWS Cloudfront and AWS Certificate Manager to manage everything. We host our sites and API’s on Heroku and we simply point the Cloudfront at our Heroku app using Cloudfront’s Origin Domain Name property.
Firstly, log into AWS and go to the Certificate Manager and create a certificate for example.com.
Then, go to cloudfront, click on “Create Distribution” and configure the Origin Domain Name to point towards your herokuapp
When you get to the certificate section set the desired subdomain, as an example below:
Lastly, you will need to point the DNS of your new domain (www.example.com) towards the cloudfront URL using a CNAME.
It takes a little while to replicate about 10 mins or so and then your url should be secure. The great advantage here is that AWS will now look after the renewal process for you.
OK the eagle eyed of you will have noticed that you have to pay for Cloudfront however, the SSL does come free.
Free SSL for everyone!
Enjoyed the article? Recommend it by pressing heart ❤ Below, Thanks.