I’m not quite ready to redirect everyone to https://ideoplex.com/, but it’s up and running.
The first step is to understand what you’re getting into. Bryce Fisher-Fleig’s post setting up ssl on aws cloudfront and s3 gives a good overview of the entire process. I’d recommend creating a new AWS IAM policy for Server Certificate Management as shown here rather than using the unlimited policy shown by Bryce.
The next step is to get a SSL Certificate. I found two free options (http://www.startssl.com/ and http://letsencrypt.org/), but the reviews on StartSSL were a bit mixed and LetsEncrypt is still in beta. After poking around the internet, I decided to buy a 3 year certificate from SSLs.com for about $15. I have some experience with self-signed certificates, so it was pretty smooth sailing from there.