From HTTP to HTTPS: Secure Your S3 Website with CloudFront + ACM + Route 53🚀

From HTTP to HTTPS: Secure Your S3 Website with CloudFront + ACM + Route 53🚀

Saurabh Batra Saurabh Batra

Saurabh Batra

Published Apr 14, 2025
+ Follow


Hosting a static website on Amazon S3 is simple and cost-effective, but one major limitation is that S3 doesn’t support HTTPS out of the box. This article walks you through how to enable SSL (HTTPS) using Amazon CloudFront and AWS Certificate Manager, ensuring your site is secure, globally distributed, and blazing fast.

I’ve already documented the steps to host a static site on S3 in my previous post. If you haven’t seen it yet, check it out here: 👉 How I Launched a Static Website Using AWS

Now, let’s take it a step further and add HTTPS support.

✅ Step 1: Request an SSL Certificate via AWS Certificate Manager (ACM)

  1. Navigate to ACM (Certificate Manager) in the N. Virginia (us-east-1) region. CloudFront requires certificates to be issued from this region.
  2. Click “Request a certificate” → Choose “Request a public certificate”.
  3. Enter your domain names:

Article content
Requesting public certificates for domain.

  1. Select DNS Validation (especially easy if you're using Route 53).
  2. ACM will provide CNAME records for DNS validation.


Article content
Created CNAME Records

  1. Go to your domain registrar’s DNS settings and add the CNAME records.
  2. Wait a few minutes — once validated, your certificate status will show as “Issued”.


Article content
Issued Certificate

✅ Step 2: Set Up a CloudFront Distribution

CloudFront acts as a secure CDN layer in front of your S3 website and handles HTTPS termination.

  1. Head over to CloudFront > Create Distribution
  2. Configure the following:

Article content
Allowing Public Access


Article content
Selecting Price Class where my site will deliver fast access


Article content
Redirect HTTP To HTTPS

  1. Save and deploy your distribution. This might take 5–10 minutes.


Article content
Distribution Created


Recommended by LinkedIn

Legacy Code and AWS CloudFront SNI Problem
Legacy Code and AWS CloudFront SNI Problem
Marjan Sterjev 9 years ago
Azure DNS Private Resolver
Azure DNS Private Resolver
Shaon M. 1 year ago
Securing Microsoft Fabric with Private Link
Securing Microsoft Fabric with Private Link
Troy Ault 1 year ago
Article content
Distribution Deployed

✅ Step 3: Update DNS Settings in Route 53

Once CloudFront is deployed:

  1. Copy the CloudFront domain name, e.g. d123abcxyz.cloudfront.net
  2. Go to Route 53 > Hosted Zones > saurabhbatra.net.in
  3. Create or edit the A record for your root domain:


Article content
A record alias to Cloud Distribution

✅ Step 4: Test Your Website

After DNS propagation:

🔗 Visit: https://saurabhbatra.net.in

You should now see your S3 static site loading securely over HTTPS in the address bar.


Article content
Secure Connection is showing




Article content
Certificate Issuer details

💡 Why This Setup is Powerful

  • Free SSL via ACM
  • Global CDN with CloudFront
  • Improved SEO thanks to HTTPS
  • Blazing fast static delivery with edge caching

🔚 Final Thoughts

This approach lets you host a fully secure, fast, and scalable static website using nothing but S3 + CloudFront + ACM.

If you found this useful, feel free to like, comment, or share with someone who’s building their portfolio site, blog, or landing page with AWS.

💬 Have questions or need help? Let’s connect!


To view or add a comment, sign in

More articles by Saurabh Batra

See all articles

Others also viewed

Explore content categories