I finally got around to enabling https here. Some notes:

  1. Namecheap sells ssl certs via PositiveSSL/Comodo. I thought this would be easiest but they don’t really work with AWS.

    • I’ll never get that $7 back
    • It’s more work to import a 3rd party certificate vs. creating one on AWS
    • After importing the 3rd party certificate (which has to happen in N. Virgina) AWS still claims that it’s not from a trusted source
    • Other CNAME gotchas

  2. Amazon Certificate Manager allows one to create the certificate from AWS for free

    • They’ll auto generate the Route 53 CNAME rules for you
    • Still the same weird thing about how you need to do this in N. Virginia even if the rest of you site is elsewhere

  3. You need to add an “alias” rule to point your custom domain at Cloudfront.

I found this blog helpful