- VPC
- IGW
- Public subnet
- Route table subnet -> IGW
- EC2 Instance (Windows base 2019 - Free tier)
- T3.large - 80Gb
- Security group (Firewalling)
- RDP (TCP:3389) from 0.0.0.0/0 - (not SSH - Windows machine)
- HTTP (TCP:80) from 0.0.0.0/0
- HTTPS (TCP:443) from 0.0.0.0/0
- Attach Elastic IP
- Route 53:
- not accessible with AWS training account
- DNS (UDP:53)
- Instance / Connect
- Get the password using the private key.
- Connect through RDP on Windows
- Accept the self-signed certificate
- Server Manager
- Add roles and features
- In server roles: select Web Server (IIS)
- Install
- Administrative Tools / IIS / Default Web Site
- In web browser: http:// (no certificate yet for HTTPS)
- File / "Add/Remove Snap-ins"
- In Personal (folder)
- Gandi.net
- login
- ... buy, paste your CSR
- select validation method
- via DNS: add DNS CNAME entry in Route 53
- (can check if CNAME entry is propagated: MXtoolbox.com / CNAME lookup)
- Once generated, download the CRT file
- MMC console / Personal certificates / Import
- In IIS / Bindings









