forwarding HTTPS from Godaddy to AWS

I'm new to setting up and managing Websites. I've looked through many previous questions and none seem to quite fit my case. I think this question may be useful to many others.

I purchased a domain name and hosting services on Godaddy. I need to also have secure access so I also purchased an SSL certificate on Godaddy. The default settings thus routed http://mydomain.com and https://mydomain.com to my site. Godaddy also forwarded the www subdomains to my site - this all worked perfectly. I now needed to add a database and support for growth, so I am moving to a VPC on AWS with a public EC2 instance for the Website, and private EC2 instance for the DB.

First, I've read some posts indicating that the best way to move the Website is to use Godaddy's domain controls to forward the domain (via 301) to the AWS Website. Others seem to indicate that I should just make the domain servers point directly to the AWS Website. What are the advantages/disadvantages of each approach? Which is the better approach?

I've currently used the domain forwarding approach. However, for Godaddy, this seems to only forward HTTP requests and not HTTPS requests (they get a 'This Webpage is not available' error). Is there a way to forward the HTTPS address to AWS and retain (rekey?) the SSL certificate? What do I need to do with the SSL cert? If I need a new SSL cert, how do I attach it to the domain hosted by Godaddy but point it to the Website on AWS?

I'm a newbie, so please explain in detail. Thanks.

I rekey'd the cert at GoDaddy and loaded it into Apache on the public EC2 server. I also configured Apache to handle the HTTPS requests. Thus, direct access to the EC2 public IP works fine for HTTP and HTTPS; it's the 301 forwarded HTTPS from GoDaddy that isn't working. It sounds like the piece I'm missing is configuring a direct link in the DNS (A record?) to point to the EC2 server. At least that's what I assume your Route53 configuration would do. Is that correct?

I did configure Apache on the EC2 instance to handle the HTTPS requests. However, I think the problem is that I'm using the 301 forwarding at GoDaddy, and I'm not sure they do the forwarding for HTTPS (HTTP forwarding works fine; and direct access to the EC2 instance works fine for HTTP and HTTPS). Given that and based on your descriptions,

oops; didn't get that comment completed; continuing - it seems like I may just need to set up the DNS server to go directly to my EC2 instance. Is that just a matter of changing the A record in the GoDaddy DNS servers?

ok. I think I understood the specific problem you are facing. You are trying to use Godaddy's forwarder service to forward an https:// link to AWS. I am editing the above answer for this.

This worked, although I used GoDaddy's name servers instead of AWS Route53.

glipper, can you please mention how you solved this by using GoDaddy's name servers instead of AWS Route53?

Go to GoDaddy's "DNS Management" panel, change the "A" record value to point to the elastic IP address of your AWS instance.

@Rivnat It wasn't "solved" if you are using Beanstalk/load-balancer (LB). hxxps://mydomain.tld will not redirect correctly on GD as mentioned. To get working 'mostly', simply forward domain to say 'www.' cname. The cname host should be your beanstalk URL (not an IP!) as it's more than 1 IP (it's LB'ed). Requests for http will work fine in this manner. And as answer mentions - it practically works - users wont type out 'https' normally. --SIMPLE ANSWER: Just use Route53 if you can - and your DNS issues/problems will likely vanish (on AWS resources).

If using an AWS single IP EC2 (non LB/non Beanstalk) this is no different than any other single public webserver, you simply create an A record with the EC2 public IP (Be this the bare domain = "@" or any other A record). Point the CNAME of www. (example) at this A record hostname. DONE. The rest is done at server level (rewriting or redirection for SSL/etc)..NO FORWARDING IS NEEDED @ GD!