Deploy a secure Web Application in Amazon Beanstalk with SSl certificate and custom domain name
Every time I find myself struggling recreating a procedure the next thing I am doing is to write it down and describe it in a medium post.
There is no point to keep documentation like this one hidden from the community especialy when you have the ability to make the life of a fellow developer simpler.
In this post i will lay out all the steps needed to deploy a secure web application using only Amazon Web Services tools.
1st Step
Create a web application in AWS Elastic Beanstalk. It is a really straightforward procedure ,you can check Amazon docs for more information (https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/GettingStarted.html).
2nd Step
Connect to Route 53, from there you can either buy or register an already acquired domain name from an external provider.
Enter the domain name you want to register (e.g. example-domain.com). For domain name formats see here : https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html.
3rd Step
Navigate to AWS Certificate Manager in order to buy a SSl certificate for your newly acquired domain.
Press the request button to request a new certificate
In Domain names fill in your newly acquired domain. Select DNS validation method and press the request button.
Your certificate will be in pending validation status as you can see in certificate status page.
Navigate to AWS Certificate Manager find your certificate and click on the Certificate ID.
You are going to validate your certificate through DNS validation. Check your domain from the list and click Create records.
Wait some time for the status to change.
Now you are ready associate your Beanstalk Application with your new certified domain.
Navigate to Route 53 and click Hosted zones. Create a new record where you match your domain name with the beanstalk enviroment.
Use quick create record , activate Alias from the ALias button and click on the Create Records button.
With your application now connected to the domain name, you are able to find it online under the specific domain.You will see that your domain is not secure. There are two more steps to utilize an https connection.
4rth Step
Go back to your Beanstalk enviroment, enter the configuration sector and find load balancer. Click edit and add a HTTPS listener with the following configurations.
After you click the Add button you have to scroll to the bottom of the page and click apply. It seems that is not a great moment for Amazon’s UI. Thankfully stackoverflow is there for the rescue:
The https://yourdomain is ready and findable through the web. One last step and you are ready to go.
One last Step
Go to AWS EC2 and find your EC2 instance where your Beanstalk enviroment is running.
Then navigate to load balancers and select the load balancer which serve your enviroment.
Select the HTTP listener and click edit.
Remove the default action and add a new one with the redirect action.
You are ready to go. All the traffic towards your app is going to be served from the secure https domain.
Please let me know if you have any thoughts, comments or suggestions!
