I have a flask app which is nothing but my personal portfolio website. I have hosted it on a ec2 machine on port 80. The flask apps configuration looks like this - 0.0.0.0 port: 80. I got a domain registered on Route53 and got it linked through Hosted Zones. Below is my website/domain.
When I access it, and it shows that it is "Not secure". As I did a research I understood that I need a SSL/TLS certificate to be installed. I have many questions now:
Do I need to host my website under port 443(HTTPS) rather bein 80? FYI - The ec2 instance has port 80 and well as 443 open to be accessed from anywhere.
Any specific method to install it? - can AWS Certificate Manager handle it automatically? OR should I install a certificate on the EC2 to be able to make the domain secured?
A bit confused the path/method to follow. And if there is any resource that someone can share, that would be helpful. Thank you in advance.
I have tried to look into multiple resources, and saw method on gunicorn or nginx and also AWS Load Balancer. And all of them are a bit confusing.
You can deal these multiple ways.
Setup flask to host the certificate from Lets Encrypt Flask SSL . Since you are familiar with Python already, this might be more suitable for you.
Using NGINX Proxy Manager. I personally using this to host my Home Assistant setup at home. I am using docker of this to port-forward 443 to the host behind it. This does support integration with Lets Encrypt to provide free certificate NGINX Proxy Manager
If you want a bit more hands on, using NGINX acting as Reverse Proxy on the same instance with a free certificate from Let’s Encrypt will be the cheapest I can think of. However, this does need configuration to run Nginx and use an automatic certificate issue/renewal.NGINX RP with SSL
If you are having scalability and security in mind, it is better with an Application Load Balancer however additional costs are involved here.Link