Apply for SSL certificate on aws console.

  • Open cloudfront panel

  • choose to Create distribution button Create distribution panel

    • Origin path is where the index.html located
    • Origin name is the s3 bucket name and bucket must be publicly readable

  • In SSL certification section, choose custom SSL Certification and hit Request or Import Certificate with ACM

    Choose to request a certification

Request a certification

  • Copy the domain name of cloudfront distribution generated by aws. Choose to request a certification

  • Add domain name: Enter the domain name that you want to register.

Choose to request a certification

  • Next, it is request a validation.

    • Aws will scan the application and decide the security level.

Redirect to the domain address to the distribution for https requests.

  • Click one of record for example, wonderful.example.com

  • Change the Value/Route traffic to the domain name of cloudfront distribution

  • Open the broswer and type https://wonderful.example.com

  • It will shows the website as security page.

Example Website

Reference:

https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-https-requests-s3/