forwarding HTTPS from Godaddy to AWS
I typically setup things this way:
- Register for AWS Route53 DNS and point godaddy to this. I prefer this because it is easy to map AWS resources like S3 etc in DNS if we use Route53. Howto
- Use Elastic Beanstalk instead of manually configuring EC2 and ELBs and Setup the SSL certs on Beanstalk/ELB. Howto
- Handle the https redirect in your appserver configuration. Howto
Your current approach of "Forwarding (301)" of https to AWS using godaddy wont work. The forwarding by Godaddy is happening on a forwarding-webserver they are running (not at DNS level). So if they have to accept an https connection and forward, then they need the certificate for this and obviously they dont have your domain's certificate. So the only help godaddy forwarding will do is to forward the http to wherever you need. Typically I use this for "parking" additional domains and not for the primary domain (say xyz.net, xyx.co etc to xyz.com, where the .com is the primary domain). Here users wont go and type https explicitly and so it practically works.
Now, for the primary domain, they need to type https (or you redirect them to https) - In this case, you need to do a CNAME or A-record mapping. This can be done on Route53 (aws) or at Godady itself, by changing the DNS records (not 301 forwarding). Long explanation, hope it clarifies !
glipper
Updated on June 11, 2022Comments
-
glipper almost 2 years
I'm new to setting up and managing Websites. I've looked through many previous questions and none seem to quite fit my case. I think this question may be useful to many others.
I purchased a domain name and hosting services on Godaddy. I need to also have secure access so I also purchased an SSL certificate on Godaddy. The default settings thus routed http://mydomain.com and https://mydomain.com to my site. Godaddy also forwarded the www subdomains to my site - this all worked perfectly. I now needed to add a database and support for growth, so I am moving to a VPC on AWS with a public EC2 instance for the Website, and private EC2 instance for the DB.
First, I've read some posts indicating that the best way to move the Website is to use Godaddy's domain controls to forward the domain (via 301) to the AWS Website. Others seem to indicate that I should just make the domain servers point directly to the AWS Website. What are the advantages/disadvantages of each approach? Which is the better approach?
I've currently used the domain forwarding approach. However, for Godaddy, this seems to only forward HTTP requests and not HTTPS requests (they get a 'This Webpage is not available' error). Is there a way to forward the HTTPS address to AWS and retain (rekey?) the SSL certificate? What do I need to do with the SSL cert? If I need a new SSL cert, how do I attach it to the domain hosted by Godaddy but point it to the Website on AWS?
I'm a newbie, so please explain in detail. Thanks.
-
glipper about 10 yearsI rekey'd the cert at GoDaddy and loaded it into Apache on the public EC2 server. I also configured Apache to handle the HTTPS requests. Thus, direct access to the EC2 public IP works fine for HTTP and HTTPS; it's the 301 forwarded HTTPS from GoDaddy that isn't working. It sounds like the piece I'm missing is configuring a direct link in the DNS (A record?) to point to the EC2 server. At least that's what I assume your Route53 configuration would do. Is that correct?
-
glipper about 10 yearsI did configure Apache on the EC2 instance to handle the HTTPS requests. However, I think the problem is that I'm using the 301 forwarding at GoDaddy, and I'm not sure they do the forwarding for HTTPS (HTTP forwarding works fine; and direct access to the EC2 instance works fine for HTTP and HTTPS). Given that and based on your descriptions,
-
glipper about 10 yearsoops; didn't get that comment completed; continuing - it seems like I may just need to set up the DNS server to go directly to my EC2 instance. Is that just a matter of changing the A record in the GoDaddy DNS servers?
-
Sony Kadavan about 10 yearsok. I think I understood the specific problem you are facing. You are trying to use Godaddy's forwarder service to forward an https:// link to AWS. I am editing the above answer for this.
-
glipper about 10 yearsThis worked, although I used GoDaddy's name servers instead of AWS Route53.
-
Rivnat over 9 yearsglipper, can you please mention how you solved this by using GoDaddy's name servers instead of AWS Route53?
-
Weidian Huang over 7 yearsGo to GoDaddy's "DNS Management" panel, change the "A" record value to point to the elastic IP address of your AWS instance.
-
B. Shea about 7 years@Rivnat It wasn't "solved" if you are using Beanstalk/load-balancer (LB). hxxps://mydomain.tld will not redirect correctly on GD as mentioned. To get working 'mostly', simply forward domain to say 'www.' cname. The cname host should be your beanstalk URL (not an IP!) as it's more than 1 IP (it's LB'ed). Requests for http will work fine in this manner. And as answer mentions - it practically works - users wont type out 'https' normally. --SIMPLE ANSWER: Just use Route53 if you can - and your DNS issues/problems will likely vanish (on AWS resources).
-
B. Shea about 7 yearsIf using an AWS single IP EC2 (non LB/non Beanstalk) this is no different than any other single public webserver, you simply create an A record with the EC2 public IP (Be this the bare domain = "@" or any other A record). Point the CNAME of www. (example) at this A record hostname. DONE. The rest is done at server level (rewriting or redirection for SSL/etc)..NO FORWARDING IS NEEDED @ GD!