If you don't have your own CA already and use a TLS cert from a CA that is already trusted by your systems, the setup is a bit easier. You can get a certificate from AWS ACM and use an annotation on your Ingress to add that certificate to the ALB. You'd be able to open the Rancher URL in just about any web browser too.