Secure your Amazon CloudFront CDN using Let’s Encrypt SSL certificates

Amazon Web Services secured with Let's Encrypt certificates

Amazon Web Services (AWS) offers a wealth of services for site owners. A service I particularly enjoy is the inexpensive CloudFront CDN which lets me deliver static content, like downloads and update information for my software, very fast to people across the world. What became apparent is that while it was fast and cheap, it wasn’t the most secure solution. Anyone could forge the update response and mislead my users to downloading a modified package full of malware. The solution was to use an SSL certificate with the CDN, ensuring the integrity of the downloads and update information. For this purpose I used Let’s Encrypt™ which allows you to create properly singed SSL certificates for free. The process is non-obvious so I’m documenting this for you.

Read more “Secure your Amazon CloudFront CDN using Let’s Encrypt SSL certificates”