For anyone who has problem with validation timeout: You need also to set CNAME record to hosted zone. Once the validation is triggered open details of the request and you will see columns with CNAME name and CNAME value - this needs to be added for aws for validation.
Yes, as shown in the video from 4:40 and onwards 😄 You could also manually create the Hosted Zone CNAME records by copying the values from the columns CNAME name and CNAME value. This way you can validate a certificate even if the Hosted Zone isn't in the same AWS account as the certificate 😄
@@EndreSynnes sure, but considering few people here had issues with timeouts, i suppose they had watched in the same manner as I did and forgot to set it up😅
How do I associate the SSL certificate with the WordPress site? WordPress shows it doesnt have the SSL yet but the process of this video was done perfectly.
Hi, thank you for the question! 😄 I don't have that much experience with WordPress, but as shown in this article ( aws.amazon.com/blogs/networking-and-content-delivery/how-to-accelerate-your-wordpress-site-with-amazon-cloudfront/ ) from the AWS documentation, it should be possible to combine an ACM SSL certificate with WordPress. I guess using CloudFront would be a good idea to enable HTTPS traffic. I also found this discussion where they talk about using ACM SSL certificates with WordPress: superuser.com/questions/1426886/how-can-i-link-aws-ssl-to-aws-wordpress I hope could help you!😄
Hi, sorry for the late response. I think I might need some more information to understand where the problem could be, but here are some initial thoughts I have of what could be the cause: - The subdomain is not defined in the certificate. - The web server is not able to retrieve the certificate from ACM. - The certificate is not verified. I hope this was somewhat helpful if you haven't already figured it out? 😄
Hi 😊 This depends on how you application is deployed. If you make use of AWS CloudFront then I suggest watching my video here: ruclips.net/video/M0GfSXr75iU/видео.html If it's an API deployed using an AWS API Gateway, then I suggest watching this video: ruclips.net/video/JKI0td7QXTQ/видео.html I hope this was helpful! 😄
Hi 😄 Sorry for the late response. So, if I understand correctly, you have already had a certificate that has expired? Which might explain the error you get. If so, then I would guess that your application is not able to retrieve the new certificate. Let me know if this is not the case 😄
Hi 😄 I'm sorry for the late response. What do you mean you're not able to get HTTPS? Have you made use of the certificate in for example your CloudFront distribution or API Gateway?
Hi, thank you so much!😄 Usually it takes a few minutes (maybe 5-10), but it could also take a couple hours. If it’s not valid by now (and you have followed all the steps mentioned in the video), I would assume there is a validation issue.
I did the same thing and my ssl is validated but my domain with is not accessible it just loads forever and timeout. (btw i am using domain from godaddy and change the ns to route 53 ones)
Hi, Have you configured your API/CloudFront distribution/VPC to accept https traffic? Simply creating the SSL certificate and verifying it won't enable https traffic by itself, but this makes it possible to enable https traffic :) How is your application/network configured (using CloudFront, AWS API Gateway or VPC)? This will determine how to enable https traffic using your certificate.
Hi, sorry for the late reply! Creating a certificate in ACM will not automatically enable HTTPS traffic to your applications. This depends on how your application is configured or deployed. If you for example use AWS CloudFront, then you must enable HTTPS there, as described in this documentation: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html . I'll try to make a video about this in the future. If you are using AWS API Gateway, then you can follow the steps in my other video: ruclips.net/video/JKI0td7QXTQ/видео.html&lc=Ugx1hrcf6Gb1pcrECnt4AaABAg. I hope this was helpful in any way! 😄
When you regiter a domain from aws, it creates hostedzone automatically^ To those who're new to all purchasing domains. It will help you out. Look in the left panel of Route53 and you can find Register Domain option.
Yes that’s right, that way you also don’t need to manually register the name servers of your Hosted Zone with your domain prover. The reason why I didn’t register it with AWS was that it at that time were cheaper to register it elsewhere 😊
Hey, i have followed all the steps and the certificate is also issued . But when i open my website it is still showing not secure. Can you please help why is this happening or is there something I have to choose to get https
Hi, thank you for the question :) Creating a certificate in ACM will not automatically enable HTTPS traffic to your applications. This depends on how your application is configured or deployed. If you for example use AWS CloudFront, then you must enable HTTPS there, as described in this documentation: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html . I'll try to make a video about this in the future. If you are using AWS API Gateway, then you can follow the steps in my other video: ruclips.net/video/JKI0td7QXTQ/видео.html&lc=Ugx1hrcf6Gb1pcrECnt4AaABAg. If you are using an AWS Elastic Load Balancer, then you have to enable HTTPS there, and select the certificate you just created. Again this depends on how and where your application is deployed. I hope this was helpful in any way! 😄
@@EndreSynnes What if we transferred our to AWS Route53 from siteground. Would we then setup a new Cloudfront distribution pointing to the same gateway server that the Route53 is so we can enable the certificate?
@@KobraTrading Hi, sorry for the late reply. Transferring the domain to AWS should not be necessary. You could do that if you want tho. As shown in the video I linked in the previous comment, you can just create a custom domain in the API Gateway settings. This will create a hidden CloudFront distribution in front of your Gateway. HTTPS should then be enabled. If you want you could also create a custom CloudFront distribution that points to the API gateway. Then you can point the Rote53 HostedZone record to the CloudFront distribution (and not the API Gateway). The API Gateway will then be the origin where CloudFront forwards your request. If you want to create a custom CloudFront distribution for an API Gateway, then this article may help: aws.amazon.com/premiumsupport/knowledge-center/api-gateway-cloudfront-distribution/ I hope this was helpful! :D
Hi :) Hmm, that's strange. It could be that you just have to wait for a couple more hours. It could also happen if for instance you very recently (within 24 hours) bought your domain, or bought your domain from another domain provider than AWS and just recently updated your name server (NS) config to point to the AWS name servers, then It could take up to a day for it to take effect. This can maybe cause the certificate to still be pending, but I'm not sure. Please let me know if this was helpful or if It got resolved by waiting a couple more hours :)
@@akashjain3254 I see, so you have just created the Route53 Hosted Zones? You need to either buy the domain using AWS Route53 or another Domain provider. ALTERNATIVE ONE: If you buy the domain using Route53, then a Hosted Zone will be created for you. You should then be able to follow my video from here ruclips.net/video/ookzXuMr8eY/видео.html . ALTERNATIVE TWO: If you buy the domain using another domain provider (like I have done in this video), then you need to update the name server (NS) configuration on your domain providers website to point to the name servers listed in your Route53 Hosted Zone. You should only create certificates for domains that you manage/own. I hope this was helpful! :)
Thank you 😄 Yes you are right, I didn't make use of the domain or certificate in this video. This video was only intended to show how to deploy a hosted zone (domain) and how to create and validate a certificate for that domain. How to enable HTTPS on your applications depends on how the application is deployed. Therefore I have created separate videos on this, both for API Gateways (ruclips.net/video/JKI0td7QXTQ/видео.html) and CloudFront distributions (ruclips.net/video/M0GfSXr75iU/видео.html). Keep in mind that CloudFront have had some updates since I uploaded this video, so I will create a new one at some point. Still it's highly relevant and could be used as a guide for enabling HTTPS. I hope this was somewhat clarifying? 😄
Have searched most of youtube - everyone shows you how to get an ssl cert, that bit was simple - but nobody on earth or in the universe knows how to change your aws domain from http to https - yes we all have certificates but they don't work!!!!!
Hi 😄 Well, changing the domain from http to https, depends on how/where your applications are deployed. If you make use of AWS CloudFront, then you should be able to block HTTP requests and only allow HTTPS, or redirect users to HTTPS if they make requests using HTTP. In CloudFront you can then make use of the certificate you requested using AWS ACM (given the certificate is created in the us-east-1 region). If you make use of AWS Elastic Load Balancing, then you should also be able to utilize your AWS ACM certificate ( aws.amazon.com/premiumsupport/knowledge-center/associate-acm-certificate-alb-nlb/ ) and thus enable HTTPS. This is a very interesting topic, which I'll see if can cover more in later videos😄 By the way, in the next video I'll go through the steps of creating a custom domain for an API Gateway, here I'll make use of an AWS ACM certificate. I hope this was somewhat helpful 😄
hmm seems not working with a wordpress site... unbelievable how much time you have to spend get a SSL certificate in CHATGPT-age ... thanks anyway for your video
Hi😄 I see, I haven't tried it with a Wordpress site myself, but did you manage to get a valid certificate for your domain? In other words, does it say it's valid in AWS Certificate Manager? 😄
Hi 😊 That's strange, have you done an NS lookup to see that name servers your domain is connected to at the moment? If you have updated the name server settings on godaddy (www.godaddy.com/help/change-nameservers-for-my-domains-664), it should point to the aws name servers.
Video is great, but AWS sucks. There is no easy option just to set HTTPS for a domain (purchased with AWS), and to use Load Balancer costs $18.00 a month. Firs and last time I have used AWS for any of my personal projects... And yeah, I need to pay $18.00 a month just to have HTTPS for a page that will be used only by two people...
Thank you! 😊 Yes, AWS managed Load Balancers can unfortunately be quite expensive 😅 Just out of curiosity, if it's just a simple web page (no backend), is there a reason you don't just use AWS S3 and CloudFront to enable https on your website? Since this doesn't cost that much. Or if it's a backend, maybe a serverless architecture with AWS Lambda could be an alternative? Of course this assumes that's a viable option for your use case 😊
@@EndreSynnes Hi Endre, to be honest it is a mess 😂 Right now there is just some FE, but since it is used for company API documentation and buch of other integration and knowledge base documents (to be added) it needs to have Backend and DB. I was able to do it eventually (free of charge) by connecting with SSH and installing Apachee server and then do the configuration. It needed som hustle, but now page is HTTPS. Not that hard actually and it works. One advise - don't believe everything ChatGPT says... I needed to reinstall everything at one point because I blindly followed instructions... Well it turnsout StackOwerflow and Google is still the best friend you can have when you get stuck ;)
Clean and clear demo, exactly what I was looking for. Thanks much !
Thank you so much! 😄
short video with a big content. just great 👍 !
Thank you so much!😄
Super useful Endre !! It's solved my issue.
Thank you so much! I'm glad it was helpful 😄
For anyone who has problem with validation timeout:
You need also to set CNAME record to hosted zone.
Once the validation is triggered open details of the request and you will see columns with CNAME name and CNAME value - this needs to be added for aws for validation.
Yes, as shown in the video from 4:40 and onwards 😄 You could also manually create the Hosted Zone CNAME records by copying the values from the columns CNAME name and CNAME value. This way you can validate a certificate even if the Hosted Zone isn't in the same AWS account as the certificate 😄
@@EndreSynnes sure, but considering few people here had issues with timeouts, i suppose they had watched in the same manner as I did and forgot to set it up😅
That's true, there have been some questions regarding validation issues 😅 Hopefully this thread will be helpful for some 😄
how many time do u had have to wait for the validation?
thank you veeery much, you help us a lot
Glad I could help!😄
Awesome Video! I like how you explain everything!
Thank you so much!😄🙌🏼
Thank you for the video, that was very helpful.
Thank you so much! I’m glad you found it helpful😄
Well Explained It was really helpful brother. Thanks alot
Thank you so much! I'm glad you found it helpful 😄
Thank you for the detail! That worked. :)
I’m glad you found it helpful 😄
million thanks man...
I’m glad you found it helpful 😄
Hi, I purchased a domain in godaddy and I followed these steps. However, it is still not working
Hi 😄 could you elaborate what exactly dosen't work? Isn't the SSL Certificate successfully validated in AWS Certificate Manger?
Thanks a lot. Exactly what I needed to know. I hate bloated aws documentation.
Thank you so much! 😄 Yes the documentation isn't always that good 😅
I don’t get it . If you are not uploading anything to AWS in server.js what is getting stored in S3 when a call is sent to generateUrl()?
Hi 😄
I'm sorry, I don't quite understand your question? what server.js file are you thinking about and what "generateUrl" function do you mean? 😊
Great video, subscribed!
Thank you! :D
thanks for this
very helpful, thanks.
How do I associate the SSL certificate with the WordPress site? WordPress shows it doesnt have the SSL yet but the process of this video was done perfectly.
Hi, thank you for the question! 😄
I don't have that much experience with WordPress, but as shown in this article ( aws.amazon.com/blogs/networking-and-content-delivery/how-to-accelerate-your-wordpress-site-with-amazon-cloudfront/ ) from the AWS documentation, it should be possible to combine an ACM SSL certificate with WordPress. I guess using CloudFront would be a good idea to enable HTTPS traffic.
I also found this discussion where they talk about using ACM SSL certificates with WordPress: superuser.com/questions/1426886/how-can-i-link-aws-ssl-to-aws-wordpress
I hope could help you!😄
I have domain with https and i created a sub domain and point to a web server but subdomain with https not working pls
Hi, sorry for the late response.
I think I might need some more information to understand where the problem could be, but here are some initial thoughts I have of what could be the cause:
- The subdomain is not defined in the certificate.
- The web server is not able to retrieve the certificate from ACM.
- The certificate is not verified.
I hope this was somewhat helpful if you haven't already figured it out? 😄
great job!
Thank you so much!😄
Please how to make those certificate "in use" since all domains remains http instead "https"
Hi 😊
This depends on how you application is deployed. If you make use of AWS CloudFront then I suggest watching my video here: ruclips.net/video/M0GfSXr75iU/видео.html If it's an API deployed using an AWS API Gateway, then I suggest watching this video: ruclips.net/video/JKI0td7QXTQ/видео.html
I hope this was helpful! 😄
the status is issued but still when i open the domain in my browser it shows invalid date..please help
the SSL status is till expired
Hi 😄 Sorry for the late response.
So, if I understand correctly, you have already had a certificate that has expired? Which might explain the error you get. If so, then I would guess that your application is not able to retrieve the new certificate. Let me know if this is not the case 😄
Thank you Sir
Good one👍
Thank you!🙌🏼
I followed every step as it is, but I'm still not getting https, please help!
Hi 😄 I'm sorry for the late response.
What do you mean you're not able to get HTTPS? Have you made use of the certificate in for example your CloudFront distribution or API Gateway?
Hey. nice video! Quick question - how long does it take for certificate to issue?
Hi, thank you so much!😄
Usually it takes a few minutes (maybe 5-10), but it could also take a couple hours. If it’s not valid by now (and you have followed all the steps mentioned in the video), I would assume there is a validation issue.
thank you quite helpful
Thank you, I’m glad it was helpful!😄
I did the same thing and my ssl is validated but my domain with is not accessible it just loads forever and timeout. (btw i am using domain from godaddy and change the ns to route 53 ones)
Hi,
Have you configured your API/CloudFront distribution/VPC to accept https traffic? Simply creating the SSL certificate and verifying it won't enable https traffic by itself, but this makes it possible to enable https traffic :)
How is your application/network configured (using CloudFront, AWS API Gateway or VPC)? This will determine how to enable https traffic using your certificate.
You da best
Thank you so much! :)
Hi I did this. But it still shows that my website is not secure. How do I change http to https? Please help
Hi, sorry for the late reply!
Creating a certificate in ACM will not automatically enable HTTPS traffic to your applications.
This depends on how your application is configured or deployed. If you for example use AWS CloudFront, then you must enable HTTPS there, as described in this documentation: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html . I'll try to make a video about this in the future. If you are using AWS API Gateway, then you can follow the steps in my other video: ruclips.net/video/JKI0td7QXTQ/видео.html&lc=Ugx1hrcf6Gb1pcrECnt4AaABAg.
I hope this was helpful in any way! 😄
Don't we have to register the domain?
Yes that’s right, I mention It as a prerequisite at 0:30 😄
When you regiter a domain from aws, it creates hostedzone automatically^ To those who're new to all purchasing domains. It will help you out. Look in the left panel of Route53 and you can find Register Domain option.
Yes that’s right, that way you also don’t need to manually register the name servers of your Hosted Zone with your domain prover. The reason why I didn’t register it with AWS was that it at that time were cheaper to register it elsewhere 😊
thank you
Hey, i have followed all the steps and the certificate is also issued . But when i open my website it is still showing not secure. Can you please help why is this happening or is there something I have to choose to get https
Hi, thank you for the question :)
Creating a certificate in ACM will not automatically enable HTTPS traffic to your applications.
This depends on how your application is configured or deployed. If you for example use AWS CloudFront, then you must enable HTTPS there, as described in this documentation: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html . I'll try to make a video about this in the future. If you are using AWS API Gateway, then you can follow the steps in my other video: ruclips.net/video/JKI0td7QXTQ/видео.html&lc=Ugx1hrcf6Gb1pcrECnt4AaABAg. If you are using an AWS Elastic Load Balancer, then you have to enable HTTPS there, and select the certificate you just created.
Again this depends on how and where your application is deployed. I hope this was helpful in any way! 😄
@@EndreSynnes What if we transferred our to AWS Route53 from siteground. Would we then setup a new Cloudfront distribution pointing to the same gateway server that the Route53 is so we can enable the certificate?
@@KobraTrading Hi, sorry for the late reply. Transferring the domain to AWS should not be necessary. You could do that if you want tho. As shown in the video I linked in the previous comment, you can just create a custom domain in the API Gateway settings. This will create a hidden CloudFront distribution in front of your Gateway. HTTPS should then be enabled.
If you want you could also create a custom CloudFront distribution that points to the API gateway. Then you can point the Rote53 HostedZone record to the CloudFront distribution (and not the API Gateway). The API Gateway will then be the origin where CloudFront forwards your request.
If you want to create a custom CloudFront distribution for an API Gateway, then this article may help: aws.amazon.com/premiumsupport/knowledge-center/api-gateway-cloudfront-distribution/
I hope this was helpful! :D
Great
Hi I have followed all your steps, but my certificate still in pending state for last 2 hours
Hi :)
Hmm, that's strange. It could be that you just have to wait for a couple more hours. It could also happen if for instance you very recently (within 24 hours) bought your domain, or bought your domain from another domain provider than AWS and just recently updated your name server (NS) config to point to the AWS name servers, then It could take up to a day for it to take effect. This can maybe cause the certificate to still be pending, but I'm not sure.
Please let me know if this was helpful or if It got resolved by waiting a couple more hours :)
@@EndreSynnes I have not bought the domain , I have just created on AWS route 53
@@akashjain3254 I see, so you have just created the Route53 Hosted Zones?
You need to either buy the domain using AWS Route53 or another Domain provider.
ALTERNATIVE ONE: If you buy the domain using Route53, then a Hosted Zone will be created for you. You should then be able to follow my video from here ruclips.net/video/ookzXuMr8eY/видео.html .
ALTERNATIVE TWO: If you buy the domain using another domain provider (like I have done in this video), then you need to update the name server (NS) configuration on your domain providers website to point to the name servers listed in your Route53 Hosted Zone.
You should only create certificates for domains that you manage/own.
I hope this was helpful! :)
same issue, i create this and have 30hs and nothing happens with domains not created by aws, i have another domain created in aws and works fine
@@bkunace That's strange, have you done an NS lookup with your domain? If so, do you get the aws name servers in response?
Good job. You did everything except the laststep and you did not show if the https is working
Thank you 😄
Yes you are right, I didn't make use of the domain or certificate in this video. This video was only intended to show how to deploy a hosted zone (domain) and how to create and validate a certificate for that domain. How to enable HTTPS on your applications depends on how the application is deployed. Therefore I have created separate videos on this, both for API Gateways (ruclips.net/video/JKI0td7QXTQ/видео.html) and CloudFront distributions (ruclips.net/video/M0GfSXr75iU/видео.html). Keep in mind that CloudFront have had some updates since I uploaded this video, so I will create a new one at some point. Still it's highly relevant and could be used as a guide for enabling HTTPS.
I hope this was somewhat clarifying? 😄
thanks
Can you please post a video of How to import SSL from third party and using in Domain Hosted in Route53 AWS please
Hi😄 This sounds interesting and I will look into it 🙌
@@EndreSynnes , theyve got an option in ACM for the same now
@@smokinreelsfishing Yes I know 😄 I haven't tested importing SSL certificates in ACM myself, but I guess it shouldn't be an issue 😄
Have searched most of youtube - everyone shows you how to get an ssl cert, that bit was simple - but nobody on earth or in the universe knows how to change your aws domain from http to https - yes we all have certificates but they don't work!!!!!
Hi 😄
Well, changing the domain from http to https, depends on how/where your applications are deployed. If you make use of AWS CloudFront, then you should be able to block HTTP requests and only allow HTTPS, or redirect users to HTTPS if they make requests using HTTP. In CloudFront you can then make use of the certificate you requested using AWS ACM (given the certificate is created in the us-east-1 region).
If you make use of AWS Elastic Load Balancing, then you should also be able to utilize your AWS ACM certificate ( aws.amazon.com/premiumsupport/knowledge-center/associate-acm-certificate-alb-nlb/ ) and thus enable HTTPS.
This is a very interesting topic, which I'll see if can cover more in later videos😄 By the way, in the next video I'll go through the steps of creating a custom domain for an API Gateway, here I'll make use of an AWS ACM certificate.
I hope this was somewhat helpful 😄
Thanks for asking this question
Free or paid ssl certificate
The ssl certificate itself (created using AWS Certificate Manager) is free, as far as I know😊
hmm seems not working with a wordpress site... unbelievable how much time you have to spend get a SSL certificate in CHATGPT-age ... thanks anyway for your video
Hi😄
I see, I haven't tried it with a Wordpress site myself, but did you manage to get a valid certificate for your domain? In other words, does it say it's valid in AWS Certificate Manager? 😄
godaddy domain and I did everything described in the video, it doesn't work after 1 day
Hi 😊
That's strange, have you done an NS lookup to see that name servers your domain is connected to at the moment? If you have updated the name server settings on godaddy (www.godaddy.com/help/change-nameservers-for-my-domains-664), it should point to the aws name servers.
Video is great, but AWS sucks.
There is no easy option just to set HTTPS for a domain (purchased with AWS), and to use Load Balancer costs $18.00 a month.
Firs and last time I have used AWS for any of my personal projects... And yeah, I need to pay $18.00 a month just to have HTTPS for a page that will be used only by two people...
Thank you! 😊
Yes, AWS managed Load Balancers can unfortunately be quite expensive 😅 Just out of curiosity, if it's just a simple web page (no backend), is there a reason you don't just use AWS S3 and CloudFront to enable https on your website? Since this doesn't cost that much.
Or if it's a backend, maybe a serverless architecture with AWS Lambda could be an alternative? Of course this assumes that's a viable option for your use case 😊
@@EndreSynnes Hi Endre, to be honest it is a mess 😂
Right now there is just some FE, but since it is used for company API documentation and buch of other integration and knowledge base documents (to be added) it needs to have Backend and DB.
I was able to do it eventually (free of charge) by connecting with SSH and installing Apachee server and then do the configuration. It needed som hustle, but now page is HTTPS.
Not that hard actually and it works.
One advise - don't believe everything ChatGPT says... I needed to reinstall everything at one point because I blindly followed instructions...
Well it turnsout StackOwerflow and Google is still the best friend you can have when you get stuck ;)
what a great video!! thx alot
Thank you! 😄🙌🏼