Posted On: Mar 5, 2014
We are excited to announce that you can now use your own SSL certificates with Amazon CloudFront at no additional charge with Server Name Indication (SNI) Custom SSL. SNI is supported by most modern browsers, and provides an efficient way to deliver content over HTTPS using your own domain and SSL certificate. There are no additional certificate management fees to use this feature; you simply pay normal Amazon CloudFront rates for data transfer and HTTPS requests.
SNI Custom SSL relies on the SNI extension of the Transport Layer Security protocol, which allows multiple domains to serve SSL traffic over the same IP address by including the hostname viewers are trying to connect to. Amazon CloudFront delivers your content from each edge location and offers the same security as the Dedicated IP Custom SSL feature. SNI Custom SSL works with most modern browsers, including Chrome version 6 and later (running on Windows XP and later or OS X 10.5.7 and later), Safari version 3 and later (running on Windows Vista and later or Mac OS X 10.5.6. and later), Firefox 2.0 and later, and Internet Explorer 7 and later (running on Windows Vista and later). Some users may not be able to access your content because some older browsers do not support SNI and will not be able to establish a connection with CloudFront to load the HTTPS version of your content. If you need to support non-SNI compliant browsers for HTTPS content, we recommend using our Dedicated IP Custom SSL feature.
Set up is easy: simply follow the instructions outlined in the CloudFront Developer Guide and start serving your content quickly and securely.
You can also now configure Amazon CloudFront to require viewers to interact with your content over an HTTPS connection using the HTTP to HTTPS Redirect feature. When you enable HTTP to HTTPS Redirect, CloudFront will respond to an HTTP request with a 301 redirect response requiring the viewer to resend the request over HTTPS. There are no additional charges for using HTTP to HTTPS Redirect, but standard request fees apply.
To learn more about the Amazon CloudFront SNI Custom SSL or HTTP to HTTPS Redirect features, please visit the Amazon CloudFront Custom SSL Page or the CloudFront Developer Guide.