Skip to main content

Domain Setup (Wix + Elastic Beanstalk)

Scenario: subdomain api.yourdomain.com hosted on Elastic Beanstalk with DNS managed by Wix.

Prerequisites

  • ✅ Elastic Beanstalk environment
  • ✅ EB region defined (ACM certificates must be in the same region as EB)
  • ✅ Domain registered and configured on Wix

Terms

  • CNAME (Canonical Name): DNS record that points a subdomain to another domain. Example: api.yourdomain.com → my-app.elasticbeanstalk.com
  • ACM (AWS Certificate Manager): AWS service for creating and managing free SSL/TLS certificates
  • SSL/TLS Certificate: Digital certificate that enables secure HTTPS connections
  • DNS Validation: Certificate validation method through DNS records (more common than email validation)

1) Create certificate in AWS Certificate Manager (ACM)

  1. Access ACM in the same region as your Elastic Beanstalk
  2. Click Request a certificatePublic certificate
  3. Domain name: api.yourdomain.com (or api-dev.yourdomain.com, api-prod.yourdomain.com, etc.)
  4. Validation method: DNS validation (recommended)
  5. Complete and copy the generated validation CNAMEs (host/value)

⚠️ Why do this first? These CNAMEs will be created in DNS (Wix) to validate the certificate before attaching it to Elastic Beanstalk.

2) Configure DNS in Wix

Access Domains → Manage DNS in the Wix panel and add:

2.1) ACM validation CNAME(s)

  • Type: CNAME
  • Host: as shown in ACM (long/unique name generated by AWS) - remove trailing dot (.) if present
  • Points to: the validation CNAME value provided by ACM - remove trailing dot (.) if present
  • Save and wait for validation (typically 3-10 minutes)

⚠️ Important: AWS generates values with trailing dots (.), but Wix doesn't accept them. Remove the trailing dot from both Host and Value before saving.

2.2) Application CNAME

  • Type: CNAME
  • Host: api (or any desired subdomain: api-dev, api-prod, etc.)
  • Points to: Elastic Beanstalk endpoint
    Example: my-app-env.eba-xyz123.eu-west-1.elasticbeanstalk.com

3) Attach certificate in Elastic Beanstalk

  1. In Elastic Beanstalk → your environment → ConfigurationNetwork

  2. Add HTTPS listener:

    • Port: 443
    • Protocol: HTTPS
    • SSL certificate: select the validated ACM certificate
    • SSL policy: the latest one, example: ELBSecurityPolicy-TLS13-1-2-2021-06

  3. Configure HTTP → HTTPS redirect (optional but recommended):

    • Edit the port 80 (HTTP) listener
    • Configure a Redirect rule to HTTPS:443
    • This forces all connections to use HTTPS

  4. Apply configurations and wait for deployment (may take a few minutes)

4) Django application adjustments

# settings.py
ALLOWED_HOSTS = [
    "api.yourdomain.com",  # or your chosen subdomain
]

Deploy: After changes, deploy the application to Elastic Beanstalk.

5) Testing and verification

5.1) Verify DNS

dig api.yourdomain.com

Expected result:

api.yourdomain.com.  300  IN  CNAME  my-app-env.eba-xyz123.eu-west-1.elasticbeanstalk.com.

5.2) Verify HTTPS/TLS

curl -I https://api.yourdomain.com

Expected result:

HTTP/2 200
server: nginx/1.20.1
date: Fri, 05 Sep 2025 10:30:00 GMT
content-type: text/html; charset=utf-8

5.3) Test in browser

  1. Verify that the certificate is valid - status Issued
  2. Access https://api.yourdomain.com in the browser

Workflow summary

  1. ACM: Create certificate with DNS validation
  2. Wix DNS: Add validation CNAMEs + application CNAME
  3. Elastic Beanstalk: Attach certificate and configure HTTPS listeners
  4. Django: Adjust ALLOWED_HOSTS and proxy configurations
  5. Test: Verify DNS, HTTPS, and complete functionality