Amazon S3 - HTTPS/SSL - Is it possible?

I saw a few other questions regarding this without any real answers or information (or so it appeared).

I have an image here:
http://furniture.retailcatalog.us/products/2061/6262u9665.jpg

Which is redirecting to:
http://furniture.retailcatalog.us.s3.amazonaws.com/products/2061/6262u9665.jpg

I need it to be (https):
https://furniture.retailcatalog.us/products/2061/6262u9665.jpg

So I installed a wildcard ssl on retailcatalog.us (we have other subdomains), but it wasn't working. I went to check
https://furniture.retailcatalog.us.s3.amazonaws.com/products/2061/6262u9665.jpg

And it wasn't working, which means on the Amazon S3 website itself the https wasn't working.

How do I make this work?

This is a response I got from their Premium Services

> Hello, > > This is actually a issue with the way SSL validates names containing a period, '.', > character. We've documented this behavior here: > > http://docs.amazonwebservices.com/AmazonS3/latest/dev/BucketRestrictions.html > > The only straight-forward fix for this is to use a bucket name that does not contain that character. You might instead use a bucket named 'furniture-retailcatalog-us'. This would allow you use HTTPS with > > https://furniture-retailcatalog-us.s3.amazonaws.com/ > > You could, of course, put a CNAME DNS record to make that more friendly. For example, > > images-furniture.retailcatalog.us IN CNAME furniture-retailcatalog-us.s3.amazonaws.com. > > Hope that helps. Let us know if you have any other questions. > >Amazon Web Services

Unfortunately your "friendly" CNAME will cause host name mismatch when validating the certificate, therefore you cannot really use it for a secure connection. A big missing feature of S3 is accepting custom certificates for your domains.

---

UPDATE 10/2/2012

From @mpoisot:

The link Amazon provided no longer says anything about https. I poked around in the S3 docs and finally found a small note about it on the Virtual Hosting page: http://docs.amazonwebservices.com/AmazonS3/latest/dev/VirtualHosting.html

---

UPDATE 6/17/2013

From @Joseph Lust:

Just got it! Check it out and sign up for an invite: http://aws.amazon.com/cloudfront/custom-ssl-domains

I know its a year after the fact, but using this solves it: https://s3.amazonaws.com/furniture.retailcatalog.us/products/2061/6262u9665.jpg

I saw this on another site (http://joonhachu.blogspot.com/2010/09/helpful-tip-for-amazon-s3-urls-for-ssl.html).

payton109’s answer is correct if you’re in the default US-EAST-1 region. If your bucket is in a different region, use a slightly different URL:

https://s3-<region>.amazonaws.com/your.domain.com/some/asset

Where <region> is the bucket location name. For example, if your bucket is in the us-west-2 (Oregon) region, you can do this:

https://s3-us-west-2.amazonaws.com/your.domain.com/some/asset

As previously stated, it's not directly possible, but you can set up Apache or nginx + SSL on a EC2 instance, CNAME your desired domain to that, and reverse-proxy to the (non-custom domain) S3 URLs.