- Le plus récent
- Le plus de votes
- La plupart des commentaires
Pieceratops wrote:
Thank you for replying it is much appreciated. In my certificate I have additional names for www.mysite.com and mysite.com of which I have CNAME entires in Route 53. Is that enough?
Yes, that should be enough for the certificate.
1) it looks like your "mysite.com" domain is not associated with your CloudFront distribution through a alternate domain name entry.
I thought this was done through association at the beginning of the cloudfront set up? So I used my S3 as the origin?
I see that you've set up S3 as your origin, but when I view your CloudFront distribution settings, the only internet domain name associated with it from a customer viewer point of view is d123.cloudfront.net name. With that name, only the default CloudFront certificate will be used. Even if you have Route 53 correctly configured to point 'mysite.com' to your CloudFront distribution, CloudFront won't recognize the incoming request as one that's associated with your distribution, because you don't have the alternate domain entry configured. (Or if you do, I can't see it and there's a defect that we need to look into.)
Follow ONE of these:
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html has instructions that make it a one stop shop;
-OR-
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-and-https-procedures.html#cnames-and-https-updating-cloudfront takes you through a bit more of the CloudFront console pages, and explains the different CloudFront options.
I would also suggest turning on logs, especially while getting things set up-- they're a huge help for debugging. If you're concerned about having logs pile up, you can configure S3 to automatically delete them after a short period of time.
I have CNAME entries for mysite.com and www.mysite.com which were automatically created when I requested the cert (the handiness of using Route 53), are these just for the validation? I changed them to point to the cloudfront distribution but nothing seems to have changed?
I have A records for mysite.com and www.mysite.com both pointing to my S3 bucket. I know this is something stupid I am doing but I have tried so many different combinations that I'm baffled now
Edited by: RonS@AWS on Sep 5, 2019 6:47 PM --removed extra instructions that weren't required any longer--
Hi there-- There's a couple of things you need to do to make that last step work:
- it looks like your "mysite.com" domain is not associated with your CloudFront distribution through a alternate domain name entry.
- Pay attention to https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements . Specifically, you say that your cert is for *.mysite.com, however you attempted to connect to 'mysite.com'. The cert that you're associating with your account will treat those differently.
Hopefully those two things will get you launched!
Hi,
Thank you for replying it is much appreciated. In my certificate I have additional names for www.mysite.com and mysite.com of which I have CNAME entires in Route 53. Is that enough?
1) it looks like your "mysite.com" domain is not associated with your CloudFront distribution through a alternate domain name entry.
I thought this was done through association at the beginning of the cloudfront set up? So I used my S3 as the origin?
I have CNAME entries for mysite.com and www.mysite.com which were automatically created when I requested the cert (the handiness of using Route 53), are these just for the validation? I changed them to point to the cloudfront distribution but nothing seems to have changed?
I have A records for mysite.com and www.mysite.com both pointing to my S3 bucket. I know this is something stupid I am doing but I have tried so many different combinations that I'm baffled now :-(
Thanks again
Edited by: Pieceratops on Sep 4, 2019 12:03 AM
Edited by: Pieceratops on Sep 4, 2019 12:17 AM
Edited by: Pieceratops on Sep 4, 2019 1:08 AM
Thank you! I had not created the alternate domains on my cloudfront distribution! Once I did that the http to https redirect started working correctly.
Many thanks again for your help.
Contenus pertinents
- demandé il y a 3 mois
- demandé il y a 4 mois
- demandé il y a 7 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 10 mois
- AWS OFFICIELA mis à jour il y a 2 ans