To configure SSL on your static s3 website first of all you need a SSL certificate. you can get it from other SSL providers like Godaddy and import it into the AWS Certificate Manager (ACM).

if you don’t have any SSL certificate with you, you can simply request it from AWS Certificate Manager (ACM), the process is very easy.
Navigate to ACM console and click Request a certificate.
Choose Request a public certificate.
Under Add domain names section mention the domain name you wish to get the certificate.
Under Select validation method choose DNS validation.
Click next add any Tags.
Review and Confirm Request.


After you confirm the request it will generate a key and a value which needs to be added to the DNS provider Route53 or other as a CNAME, this is to confirm that you own the domain.

After you have added CNAME record in DNS give it couple of minutes then come back to ACM console and hit refresh you will have your SSL issued. However this public certificate from ACM can’t be exported and used for other applications like Apache or Nginx on EC2. It can only be used with few AWS services like Load Balancer and Cloudfront(CDN).

Configure AWS Cloudfront (CDN) for static S3 website

Now after we have a valid SSL certificate we need to use it on the Cloudfront which is AWS CDN.
Navigate to Cloudfront from AWS console.
Click Create Distribution.
Under delivery method click on Get Started for web.
Previous step will open up configuration screen which you configure as follows.
Origin Settings:
Origin Domain Name choose the bucket where site is hosted.
Restrict Bucket Access choose yes.
Origin Access Identity choose Create a New Identity.
Grant Read Permissions on Bucket choose Yes, Update Bucket Policy
Leave other options under this section default.
Default Cache Behavior Settings:
Viewer Protocol Policy set it to Redirect HTTP to HTTPS.
Leave other options under this section default.
Distribution Settings
Alternate Domain Names (CNAMEs) mention the domain name which you used while requesting the certificate from ACM.
SSL Certificate select Custom SSL Certificate and from dropdown menu select the certificate previously issued by ACM.
For Default Root Object mention index.html
Leave everything else as default and click Create Distribution.

The Distribution creation can take some time it will show the status as In Progress you can check its status by navigating to the Cloudfront distributions. Once the Status is Deployed you can go ahead with the domain pointing.

Navigate to Route53 select the Hosted Zone for your domain and then Create a new Record. This new record of Type A is an alias to the CDN distribution we created earlier. You may be doing it in different UI as AWS is changing the UI of services but the concept is same.

After you create the record in route 53 it may take couple of minutes for DNS propagation but soon you will be able to access your static s3 website using secure HTTPs protocol.

Feel free to let me know in the comment section if it worked for you or you are facing any errors.