Thanks davidg for getting back to me. I have used Bitnami Let's Encrypt, which seems to have worked somewhat. Although the site goes to https, it still is recognised as not secure, and also there's a screen that flashes up just before the site comes up (see https://cdb.network) and I am not sure what code is making that happen. Any assistance you can provide would be incredibly helpful.
As for the Amazon load balancer approach to setting up SSL, it seems like a private certificate is also in order. I can't install the certificates created by Amazon Certificate Manager (ACM) on resources I have direct low-level access to, like EC2 or servers outside of AWS, because I am not provided with access to the private keys. These certs can only be deployed on resources managed by the AWS infrastructure -- ELB and CloudFront -- because the AWS infrastructure holds the only copies of the private keys for the certificates that it generates, and maintains them under tight security with auditable internal access controls. This makes the guidance available that I followed incorrect - maybe it should be updated?
Thanks again and if you have any additional guidance for fixing these last issues that would be greatly appreciated.