technology

SSL Enabled

I’m not quite ready to redirect everyone to https://ideoplex.com/, but it’s up and running.

The first step is to understand what you’re getting into. Bryce Fisher-Fleig’s post setting up ssl on aws cloudfront and s3 gives a good overview of the entire process. I’d recommend creating a new AWS IAM policy for Server Certificate Management as shown here rather than using the unlimited policy shown by Bryce.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1445197062000",
            "Effect": "Allow",
            "Action": [
                "iam:DeleteServerCertificate",
                "iam:GetServerCertificate",
                "iam:ListServerCertificates",
                "iam:UpdateServerCertificate",
                "iam:UploadServerCertificate"
            ],
            "Resource": [
                "arn:aws:iam::account_number:*"
            ]
        }
    ]
}

The next step is to get a SSL Certificate. I found two free options (http://www.startssl.com/ and http://letsencrypt.org/), but the reviews on StartSSL were a bit mixed and LetsEncrypt is still in beta. After poking around the internet, I decided to buy a 3 year certificate from SSLs.com for about $15. I have some experience with self-signed certificates, so it was pretty smooth sailing from there.