Redirecting a domain with HTTPS using AWS

Dinesh M

2 min read

Hello everyone! Hope life’s good. As mentioned in the title, the objective of my blog is to see how we can redirect one domain to another with HTTPS using AWS. This will come in handy when you have a popular website that many users use often and want to switch from one domain to another. But you don’t want to tell your users that you’re changing the website name.

That is why we are going to look at how we are going to redirect a domain using AWS S3, Cloudfront, Route 53, and SSL Manager. I am very eager to share my experience with you all, so let’s dive in…

The following are the steps we are going to take to redirect a domain.

  • Configuration on S3 Bucket
  • Issue an SSL Certificate via Amazon Certificate Manager (ACM)
  • Configure Amazon CloudFront HTTPS redirect
  • Point the DNS record to the CloudFront endpoint

Consider we are going to redirect from https://abc.com to https://xyz.com.

1. Configure S3 Bucket:

Our first step would be to create a bucket in S3 and enable it for static website hosting. Please follow the steps as shown below.

Give your bucket a globally unique name.

Then Move to the S3 Main Page, select the bucket name that you have created, and select properties. At the last, you find the option Static Website Hosting.

On this page, you want to choose “Redirect requests” and enter the target bucket (this is the domain name you want to redirect to) along with the protocol. 

One last thing before clicking save. Make note of the “Endpoint” on the page. Go ahead and copy the endpoint and paste it into a text editor. We will need this later. After entering the information click “Save”.

S3 Reference: https://aws.amazon.com/s3/

NOTE:  Create a bucket policy for your S3 bucket to access Cloudfront.

2. Issue an SSL Certificate via Amazon Certificate Manager (ACM):

To create an SSL certificate, go to AWS Certificate Manager in AWS. A super important step here, you must (or at least I had to) choose “US East (N. Virginia) from the drop-down in the upper right-hand corner of the AWS console:

To request a public certificate, follow the steps shown below.

Now our certificates will be in PENDING status. Let it be. Moving on…

…Go to Route53, create CNAME Record by NAME as CNAME name and value as CNAME value like in ACM certificate status.

It will take a few seconds to validate the DNS, after some time our Certificate status will be changed to SUCCESS.

Reference: https://aws.amazon.com/certificate-manager/.

3. Configure Amazon CloudFront HTTPS redirect:

Now we need to configure CloudFront for the S3 bucket to direct. Go to CloudFront Distributions in AWS and click the “Create Distributions” option.

Under Origin, map the S3 bucket endpoint, and leave the field Name as it is.

Then the Map issues an SSL certificate.

It will be deploying our inputs in CloudFront and will take around 10 minutes. Finally, it will give the Distribution Domain Name.

Reference: https://aws.amazon.com/cloudfront/.

4. Point the DNS record to the CloudFront endpoint:

The final step is to go to Route53 (or your domain provider) and create a DNS record to redirect the hostname.

Go to Route53 and click “Create Record Set”. For the name enter the name of the host you want to redirect.

NOTE: AWS will append the root domain for you if it’s a subdomain.

The record type should be “A – IPv4 address”. Set “Alias” to “Yes” and for “Alias Target” when you click in the text field it should be auto-populated with values from Cloudfront. Choose the appropriate Cloudfront distribution. Now click “Save Record Set”.

All our configurations are done now. A quick summary of the above steps:

  • We created a new S3 bucket and configured it to host static websites and then we got ourselves an SSL certificate from the certification manager in AWS.
  • Next, we configured Route 53 to use our issued certificate. After that, we created CloudFront distribution and mapped our SSL there.
  • Finally, we pointed the DNS record to the cloud endpoint. 

NOTE: Finally add Route53 Endpoint to CloudFront again.

Reference: https://aws.amazon.com/route53/.

You can see my site is redirected from https://abc.com to our destination https://xyz.com using AWS services. Hope you learned some new information from my blog. To know more about these kinds of services, please follow us.

Until then keep expecting the best from us. 

Related posts:

7 Replies to “Redirecting a domain with HTTPS using AWS”

  1. Hello, thank for the post!
    I found this works when redirecting through HTTP, but not through HTTPS. I think I have followed the whole process, did I miss something?

  2. Hi Michael ,
    I guess u chosen http protocol instead of https in static web hosting option under s3.
    can you please check.

  3. Same for me, cannot make it to work with HTTPS.

    Could you please explain why we need the CNAME? With which domain names should the CNAME record be created? The screenshots included in the post, do not make this clear. An example with the domains https://abc.com to https://xyz.com could be very helpful there.

    Thank you!

  4. Hi Alex,
    We are using CNAME record for mapping cloudfront distribution endpoint with abc.com (CNAME record type in route53 hostedzone).

    when the user hits abc.com, request will follow the below path.

    abc.com(Route53) >>> cloudfront(distribution) >>> s3 bucketname(abc.com)
    In s3 we configured static webhosting with https protocol for xyz.com ,
    so it redirects https://abc.com to https://xyz.com.

  5. Could you explain this step:
    Create a bucket policy for your S3 bucket to access Cloudfront.

  6. Brian,

    We need to create a bucket policy to let cloudfront access the said bucket. There are lot of example s3 bucket policies in the AWS official document itself.please refer

  7. This is missing One Step.

    The issue was that apex domain was not added to CF distribution as an alternative name.

    The solution was to add the domain to CF distribution.

Leave a Reply

Your email address will not be published. Required fields are marked *