So I narrowed things down a bit: if I set all the TTLs to 0, things work, although nothing is cached. Setting the max or default above 0 results in the behavior.
I recreated a new distribution and it's acting the same. Seems like Germany, Italy and France are the main edge locations with the issue.
So testing, I believe I have a solution.
So we have all HTTPS to CloudFront. Then our custom Origin (which lives outside AWS) had to be HTTP, since the load balancer at the Origin only had the domain we needed to serve on CloudFront. If we did, CloudFront would just redirect to itself.....
https://domain.com --> CloudFront --> https://domain.com --> goto CloudFront instead of origin.
Originally I attempted another origin domain with the origin SSL, but as I thought, CloudFront didn't like the SSL mismatch.
Didn't work.
https://domain.com --> CloudFront --> https://random.domain.com --> goto Origin, but just got 504
Did work, as I took the origin out of SSL.
https://domain.com --> CloudFront --> http://random.domain.com --> goto Origin, OK in U.S. and other places, but not working in Europe.
We had a demo version of the site working under a different CNAME and valid SSL, and I tested successfully in that manner.
https://domain.com --> CloudFront --> https://demo.domain.com --> goto Origin, valid SSL, everything is AWESOME!
I think this is probably somehow related to EU privacy laws. And yes, this isn't how we probably should have configured things, but the SSL limitations on our Origin made it somewhat necessary.
We'll have to get another SSL on our load balancer to resolve this, but at least we have a solution.