If you have recently setup an Amazon EC2 instance and would like to configure access to Port 443 (HTTPS:// traffic) on your new instance, there are a few things you should do.
Table of Contents
First Step – Allow Port 443 in your Security Group
Firstly, you need to tell your EC2 instance that it is allowed to accept traffic via port 443 (and port 80 if you wish to allow ordinary web traffic to get through).
Go to your Amazon EC2 admin panel, and note which Security Group your EC2 instance is in (say, “Quicklaunch-1”).
Go to the “Security Groups” screen and click on the Quicklaunch-1 security group. At the bottom, you’ll see options. Under “Inbound” select “Create a New Rule” and select the port you wish to open (i.e. HTTPS) and press “Add Rule” and don’t forget to press “Apply Rule Changes” when you’re done.
Next Step – Install Mod_SSL
Allowing traffic is one thing, but your server needs to know what to do with this traffic. You need to install an apache webserver and install mod_SSL and turn it on. Run the following command:
yum install httpd mod_ssl -y
Then restart (or start) your web server with the following command:
service httpd restart
Install and configure a security certificate
You then need to install and configure a security certificate. We use Let’s Encrypt for this, though it has to be said that (if using AWS Linux) the renewal process is sometimes a little tricky.
If you’re interested in how to add Let’s Encrypt certs into EC2 instances, leave a comment below, or hire Silicon Dales to get this done for you.
Remember, if you’re using Amazon Linux (a mostly CentOS flavour) then you’ll want to add “sudo” to the start of each command, or, more simply, after login to SSH, just type “Sudo -i” and hit return.
Also, note, you’ll very want to install a security certificate for this traffic via SSL… For that, another tutorial. Leave a comment if you’d like to know this.
Thanks for the nice post. I have been using AWS free tier for a little while and enjoy it. FYI – you can always just run sudo su – in your shell to move to root and not have to type sudo all the time. Now if I can just see real time usage, so if I go over free tier I’ll know?