diff --git a/.gitignore b/.gitignore
index 9a32094..ed5eac6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -22,3 +22,4 @@ tsconfig.tsbuildinfo
 # CDK asset staging directory
 .cdk.staging
 cdk.out
+cdk.context.json
diff --git a/cdk/app-stack.ts b/cdk/app-stack.ts
index bc0baab..3704c30 100644
--- a/cdk/app-stack.ts
+++ b/cdk/app-stack.ts
@@ -13,10 +13,18 @@ import {
   Source,
 } from "aws-cdk-lib/aws-s3-deployment";
 import path from "path";
+import { ARecord, HostedZone, RecordTarget } from "aws-cdk-lib/aws-route53";
+import { CloudFrontTarget } from "aws-cdk-lib/aws-route53-targets";
+import { DnsValidatedCertificate } from "aws-cdk-lib/aws-certificatemanager";
+
+interface AppStackProps extends cdk.StackProps {
+  domainName: string;
+}
 
 export class AppStack extends cdk.Stack {
-  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
+  constructor(scope: Construct, id: string, props: AppStackProps) {
     super(scope, id, props);
+    const { domainName } = props;
 
     const bucket = new Bucket(this, "Bucket", {
       accessControl: BucketAccessControl.PRIVATE,
@@ -82,7 +90,17 @@ export class AppStack extends cdk.Stack {
       }
     );
 
-    new Distribution(this, "Distribution", {
+    const hostedZone = HostedZone.fromLookup(this, "HostedZone", {
+      domainName,
+    });
+
+    const certificate = new DnsValidatedCertificate(this, "Certificate", {
+      domainName,
+      hostedZone,
+      region: "us-east-1",
+    });
+
+    const distribution = new Distribution(this, "Distribution", {
       defaultRootObject: "index.html",
       errorResponses: [
         {
@@ -100,6 +118,15 @@ export class AppStack extends cdk.Stack {
         origin: originAccessControl,
         responseHeadersPolicy,
       },
+      domainNames: [domainName],
+      certificate,
     });
+
+    new ARecord(this, "AliasRecord", {
+      zone: hostedZone,
+      target: RecordTarget.fromAlias(new CloudFrontTarget(distribution)),
+    });
+
+    new cdk.CfnOutput(this, "SiteUrl", { value: `https://${domainName}` });
   }
 }
diff --git a/cdk/app.ts b/cdk/app.ts
index b2eadd3..936a5d0 100644
--- a/cdk/app.ts
+++ b/cdk/app.ts
@@ -4,5 +4,6 @@ import { AppStack } from "./app-stack";
 const app = new cdk.App();
 
 new AppStack(app, "FreechessWebapp", {
-  env: { region: "eu-west-3" },
+  env: { region: "eu-west-3", account: process.env.CDK_DEFAULT_ACCOUNT },
+  domainName: "chesskit.org",
 });