0

I'm managing a domain at AWS Route 53 and I have a service exposed as an API on 3 servers spread across 3 main zones: US, Asia, EU.

I created a traffic policy to redirect clients based on latency to the appropriate zone(s).

So a client comes in via api.example.com, enters this latency-based policy and exits at the closest server. Which works... with one problem though. I don't know how to enable HTTPS so I can have my clients use https://api.example.com.

Any ideas?

Romeo Mihalcea

1 Answer

1

SSL (HTTPS) is completely unrelated to all the Route53 stuff you talked about in your question. You need to install an SSL certificate on the server, or on the load balancer if you are using a load balancer. You can also install the SSL certificate at your CDN, if you are using one.

Route53 is a DNS service. Route53 does not manage the protocol of a service, and it does not manage encryption. Route53 (DNS) just allows a client to look up an IP based on a hostname.

Mark B
  • Oh ok. So if my endpoints have SSL it will work I suppose. This means I will have to route them to domain names because I'm routing to server IP addresses now? – Romeo Mihalcea Jan 26 '17 at 00:28
  • 2
    Yes, you seem to think your traffic is "going through" Route53 somehow, but it isn't. Route53 is just telling the client which IP address to use for a hostname. All hostnames eventually resolve down to an IP address, so what you are doing now should be fine. Just have the endpoint return an SSL certificate that matches the domain name in the HTTPS request. – Mark B Jan 26 '17 at 00:36
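
An added example, not part of the original answer or comments: because Route 53 only hands out one of the regional IPs, each server has to present a certificate covering `api.example.com` on its own, and this sketch checks each one by connecting to the IP directly while sending the public hostname as SNI. The function names, the documentation-range IPs and the sample certificate data are constructed for illustration.

```python
import socket
import ssl

def san_covers(hostname, cert):
    """True if a getpeercert()-style dict has a DNS SAN covering hostname.
    A wildcard is honoured only as the entire leftmost label."""
    host = hostname.lower().rstrip(".")
    for kind, value in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        name = value.lower().rstrip(".")
        if name == host:
            return True
        if name.startswith("*."):
            head, _, rest = host.partition(".")
            if head and rest == name[2:]:
                return True
    return False

def check_endpoint(ip, hostname, port=443, timeout=5.0):
    """Connect to one regional server by IP, send hostname as SNI, and let
    the ssl module verify chain, expiry and hostname as a client would."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((ip, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                cert = tls.getpeercert()
                return san_covers(hostname, cert), cert.get("notAfter", "")
    except (ssl.SSLError, OSError) as exc:
        # Covers refused connections, timeouts and certificate mismatches.
        return False, str(exc)

def audit(certs, hostname):
    """Offline variant: check already-collected certificate dicts per region."""
    return {region: san_covers(hostname, c) for region, c in certs.items()}

# Constructed sample certificates, in the shape ssl.getpeercert() returns.
SAMPLE_CERTS = {
    "us": {"subjectAltName": (("DNS", "api.example.com"),)},
    "asia": {"subjectAltName": (("DNS", "*.example.com"),)},
    "eu": {"subjectAltName": (("DNS", "eu1.example.net"),)},  # wrong name
}

if __name__ == "__main__":
    print(audit(SAMPLE_CERTS, "api.example.com"))
    # Placeholder IPs (documentation ranges); replace with the record values.
    endpoints = {"us": "192.0.2.10", "asia": "198.51.100.10", "eu": "203.0.113.10"}
    for region, ip in endpoints.items():
        print(region, ip, check_endpoint(ip, "api.example.com", timeout=2.0))
```

A region that fails here is one where latency-routed clients would see a certificate error even though the other regions work.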