Dropshare User Guide

Search for answers to your questions by entering keywords below, or look through our knowledge base.

Contact Support | Community | Video Tutorials

How to use Amazon S3 bucket and custom domain with SSL certificate

Article provided by Stefan Zweifel - thank you!

Here's a quick step by step guide, on how I've created a new S3 bucket, Cloudfront distribution and a life cycle rule to replicate my current setup on AWS.

Creating the S3 bucket

In this post I'm using the domain drop.wnx.ch as an example. Update the mention of the domain when you apply this guide for your own use case.

First we need a new AWS S3 bucket.

  1. Create a new S3 bucket in the AWS Console called drop.wnx.ch
  2. Uncheck the "Block all public access" setting. The files we will upload via Dropshare have to be public after all.

Now we could use the "Virtual Hosting" feature of S3 to use drop.wnx.ch to serve our files. You would have to add a CNAME DNS record like this. (Don't do this yet)

drop.wnx.ch CNAME drop.wnx.ch.s3-eu-central-1.amazonaws.com.

This CNAME record would allows us to access the uploaded files via HTTP on drop.wnx.ch but not under HTTPS.

Let's add an SSL certificate so we can serve our files under HTTPS.

SSL certificate and Cloudfront distribution

Let's create a SSL certificate through the Certificate Manager. It's important that you select the us-east-1 region to make this all work.

Click on "Request a Certificate" and follow the instructions. I've chosen to validate my domain through DNS. In a matter of seconds the SSL certificate has been issued and is ready to be used.

Cloudfront distribution

We can't assign the newly created SSL certificate to our S3 bucket directly. We have to put a Cloudfront distribution in between.

  1. Open the Cloudfront Console and click on "Create Distribution".
  2. Under "Origin Domain Name" select your S3 bucket. The UI should auto select a bunch of settings. Feel free to adjust them to your liking or keep them as is.
  3. Under "Distribution Settings" add our custom domain drop.wnx.ch to the "Alternate Domain Names (CNAMEs)" field.
  4. Under "SSL Certificate" select "Custom SSL Certificate (example.com)" and select our previously created SSL certificate from the list of options.

Click on "Create Distribution" to deploy the distribution. This might take a while.

After your distribution has been successfully deployed, you should see it in the index table. Copy the value of "domain name" to your clipboard. For me the value looks something like this:


In your DNS settings for your domain, add now a new CNAME record for drop.wnx.ch that points to the Cloudfront distribution.

drop.wnx.ch. CNAME d1bvtdh7okatwj.cloudfront.net.

Let's set up Dropshare to use our S3 bucket.

Add S3 bucket to Dropshare

In Dropshare, go to "Settings" → "Connections" → "+ New Connection" → "Third Party Cloud" → "AWS S3".

If you have a dedicated Amazon user for Dropshare, great! If not, best follow this documentation by Dropshare on how to create a new user with the correct permissions.

After DNS propagation our uploaded and shared files should be available under https://drop.wnx.ch (or whatever domain you're using).

Extra: Automatically delete older files

In the beginning of this post I've mentioned that on my old setup, I've used a shell script to automatically delete files older than 24 hours.

You can replicate this behaviour by using S3's lifecycle rules.

  1. In your Bucket settings, navigate to "Management" → "Lifecycle Rules". Click on "Create Lifecycle Rule"
  2. Give the rule a good name and select the scope "This rule applies to all objects in the bucket". Acknowledge that this rule will apply to all items in this bucket.
  3. Select the "Expire current versions of objects" action in the list
  4. Enter the desired number of day in "Number of days after object creation" after when files should automatically be deleted.

Hit "Create Rule" and you're done.

Was this article helpful?
2 out of 2 found this helpful