Using Route 53 to serve HTTPS requests for my S3 bucket via a CloudFront distribution

0

I spent almost 3 days on trial and error, documentation and more, but have not solved my issue. I'm pretty sure I make the same mistake over and over again. Please try to read my steps and figure out why I can't use my domain in the URL in order to get my site.

  1. I uploaded my static files into an S3 bucket as a website. => The URL is working well at http://myBucket.s3-website.my-region.amazonaws.com/ => my S3 region is il-central-1

  2. Route 53: I bought a new domain "myDomain.net" from AWS Route 53

  3. Route 53: created a new hosted zone and, from the record of type NS, I copied the values there to my clipboard

  4. Route 53: registered domains => Actions => Edit name servers => pasted the values from the previous step, for example: ns-xyz.awsdns-ab.net and all the others => now all name servers of my domain are the same as the NS record in my hosted zone

  5. Certificate Manager => I created a public certificate in the US East (N. Virginia) region and waited for the status: Issued

  6. ACM and Route 53: in the new SSL certificate I clicked on the "Create records in Route 53" button and I created a CNAME record in my hosted zone => value: someToken.someString.acm-validations.aws.

  7. CloudFront: create distribution => for origin domain it shows me an autocomplete to my S3 bucket as => myDomain.s3.il-central-1.amazonaws.com, and I know it should use the S3 URL format "http://myBucket.s3-website.my-region.amazonaws.com/", so I pasted the S3 URL format, but now the protocol shows an HTTP only option => Viewer protocol policy I changed to Redirect HTTP to HTTPS => Do not enable security protections => Alternate domain name (CNAME) - optional I set as myDomain.net => Custom SSL certificate - optional - the certificate created in step 5. Clicked on the Create distribution button and tested the new URL "https://someId.cloudfront.net" and it works well. Now it seems my S3 and CloudFront are connected, I guess.

  8. Route 53: create record => record name I kept blank (my alternate name is the same as my region ...maybe it's a mistake and I shouldn't create an alternate name?) => record type - A => alias -> alias to CloudFront distribution -> someId.cloudfront.net, clicked on Create record

At the beginning I tried to navigate to https://myDomain.net and nothing happened, I got DNS_PROBE_FINISHED_NXDOMAIN (checked in incognito also). After about 6-7 hours it worked, I got access to my site with my domain as the URL, but after a few minutes I got

Web Page Blocked! You have tried to access a web page which belongs to a category that is blocked.

What did I do wrong?

2 Answers
0

NXDOMAIN means that domain is not registered.

When you do a NS record lookup for your domain, does it return R53 records?

%% nslookup
> set type=NS
> myDomain.net

You can refer to How do I use CloudFront to serve HTTPS requests for my Amazon S3 bucket? for the steps.

AWS
EXPERT
Mike_L
answered 6 months ago
  • So I tried to navigate to https:// with my domain after 7 hours and it works. Then I tried again and I was blocked by the browser, getting: Web Page Blocked! You have tried to access a web page which belongs to a category that is blocked.

    Anyway, I tried the nslookup command and I got the unexpected

    *** ns1-cache.hotnet.net.il can't find myDomain: Server failed

0

Web Page Blocked! You have tried to access a web page which belongs to a category that is blocked.

This is a message from a Fortinet firewall. There is likely content filtering or moderation on the network you're attempting to access your site from. Can you try accessing it from a different network?

AWS
EXPERT
answered 6 months ago
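
The two checks suggested in the answers above (what an NS lookup returns, and whether a different network behaves differently) can be combined by asking the local resolver and a public resolver the same question and comparing the response codes. This is an added example, not part of either answer; the function names, the 1.1.1.1 public resolver and the sample header line are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: compare the local resolver with a public one for the same name.
# Usage (needs dig and network access): sh check_dns.sh myDomain.net [resolver-ip]

# Read full `dig` output on stdin and print the response code from its
# header line (NOERROR, NXDOMAIN, SERVFAIL, ...).
dig_status() {
  sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1
}

# Given the local resolver's code ($1) and the public resolver's code ($2),
# print where the problem most likely sits.
diagnose() {
  if [ "$2" = "NOERROR" ] && [ "$1" = "NOERROR" ]; then
    echo "dns-ok"                # DNS resolves; a block page comes from an HTTP-layer filter
  elif [ "$2" = "NOERROR" ]; then
    echo "local-resolver"        # stale negative cache or filtering on this network
  elif [ "$2" = "NXDOMAIN" ]; then
    echo "delegation-or-record"  # check registrar name servers and the alias record
  else
    echo "inconclusive"
  fi
}

# Live check: query both resolvers, then list the NS set seen publicly.
# That list should match the NS record values in the hosted zone.
check_domain() {
  cd_domain="$1"
  cd_public="${2:-1.1.1.1}"      # assumption: any public resolver works here
  cd_local_rc=$(dig "$cd_domain" A | dig_status)
  cd_public_rc=$(dig "@$cd_public" "$cd_domain" A | dig_status)
  echo "local=$cd_local_rc public=$cd_public_rc verdict=$(diagnose "$cd_local_rc" "$cd_public_rc")"
  dig "@$cd_public" "$cd_domain" NS +short | sort
}

# Constructed sample of a dig header line, for trying dig_status offline.
SAMPLE_SERVFAIL=';; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4242'

# Run the live check only when a domain is passed on the command line.
if [ -n "${1:-}" ]; then
  check_domain "$@"
fi
```

A `local-resolver` verdict points at the network the request is made from rather than at the Route 53 or CloudFront configuration.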
