More and more, all sites are running over HTTPS / SSL. I personnally think that, in the near future, port 80 / http will die, and all pages will be served in SSL.
One reason for that, is the work done by the “Let’s Encrypt” team.
Look at their sponsors, it’s all the major names of the industry. And, beginning January 2018, they will also offer free “wildcard” certificates!
So, i’ll explain you how to configure that ssl certificate on your Windows EC2 server running IIS.
The LetEncrypt protocole can be a little difficult to setup. But, one person did a tool that make ssl certification very easy.
That tool is called “letsencrypt-win-simple“, (now win-acme)hosted on github.
First, you need to configure your site in IIS in standard http. (look at others chapters to configure IIS and get a fixed IP).
Then, download letsencrypt-win-simple, open a command prompt in administrator mode. Start the executable, and it will list all your sites in IIS. Choose the site you want to secure. The tool will create a file in your site root folder, some communications will be done between your server and the letsencrypt api. Your site needs to be reachable from its public IP and domain name.
Then, that’s all, the certificate is added to IIS, and the binding is also linked to your site.
These free certificates are valid for 2 months, but the letsencrypt-win-simple app auto-add itself to your “windows task manager”, and it’s running every day to automatically renew all your expired certificates. So, you don’t need to re-run that procedure, everything is automated and works very fine.
I suggest run that on an empty site (with a simple empty default.aspx / index.htm page), before installing WordPress, because you want to configure your wordpress in https. It can be hard to move from http to https in wordpress after the initial setup, if you have some content that includes your absolute url with “http://” hard-coded url.