The entirety of my web application is contained within various AWS services and is working properly with Cloudfront.
When I go to abcxxxx.cloudfront.net my site works as expected and is secured with https.
When I try and use my own custom domain with Route53 and setting www.mywebsite.com and mywebsite.com as aliases, it is no longer secure.
My alias target for each is the proper Cloudfront domain.
I don't know if the following has to do with my problem but when I try to go to mywebsite.com it says:
"this site cannot be reached"
but when I go to www.mywebsite.com it redirects to https with the "https" crossed out in red and displays "not secure".
Cloudfront also has the proper CNAMES.
How do I properly configure Route53 to work like my Cloudfront domain?
Mark B answered the question. Don't use Cloudfront's default SSL Certificate. Go to Certificate Manager and request a new one and use that one in Cloudfront. My site then worked exactly as expected
Related
Similarly to other stacks, I have hosted a website using AWS services:
Registered domain on Route 53 (example.net)
Content is hosted on an S3 bucket
Got an SSL certificate using AWS Certificate Manager
Created a CloudFront distribution, pointed it to S3 and connected it to my domain with Route 53.
All of this works except for an issue at what seems to be the final hurdle. When I enter my domain url into the search bar, example.net, the connection isn't secure by default. I've illustrated the problem here.
I'm relatively new to hosting and can't find a solution relating to this. My thoughts are that I'm missing some Cloudfront or Route 53 configuration, since another thing that doesn't work is connecting via www (I don't care about that issue as much). Any input is appreciated.
By default enabling HTTPS on a website doesn't disable HTTP. They are both available, on separate ports. That's why you have to type https:// in the browser's address bar to go directly to the HTTPS version of your website. You can get CloudFront to redirect all HTTP requests to HTTPS by following this guide.
I'm currently going through the process of switching our domain, we'll say we're moving from olddomain.com to newdomain.com
We have all of our services hosted on AWS, and I'm having an issue with our www subdomain not properly redirecting to the new domain.
I'm trying to have www.olddomain.com redirect to www.newdomain.com - the strategy that I'm on currently attempting is to use an s3 static site that redirects to the new domain. Since the site/url is https, I'm also needint to put a cloudfront distribution in front.
Starting from the bottom and moving up...
The s3 static site url directly works fine for the redirect.
The cloudfront distribution (pointing properly to the s3 static site) works fine for the redirect, both on http and https.
I have the DNS record for www.olddomain.com pointing at the cloudfront distribution
Going to www.olddomain.com does NOT redirect, but instead tries to render our web application on a broken www.olddomain.com (server is setup to not allow traffic from there anymore).
I've gone through a lot of different options and configuration, but it's very stange/important that the redirect works fine directly on the s3 static site as well as the cloudfront distribution, however it does not work when going to the domain that points to the cloudfront distribution. Please let me know any further details that can be supplied to help look into this issue and I'll be happy to supply them.
The issue for me ended up being that I needed to add the alternate CNAME of www.olddomain.com and the ssl certificate for that domain in the cloudfront settings.
I searched a lot of similar questions and got more confused.
Basically my application is running on https://example.com/login. I have this DNS on route53. Now I want to display the "Under maintenance" page on the same URL.
So I created a static HTML page and hosted it in s3. Now if I am hitting example.com then I can access the static page but when I am hitting https://example.com/login or http://example.com/login I don't see the static page. Now I am having 2 questions:
Can I redirect example.com/login to example.com? so that my static page is visible.
Can I redirect https to HTTP or https://example.com/login to example.com?
I guess for https I have to use CloudFront but still checking if there is any other way?
Even if it's possible, you shouldn't do it. Just use CloudFront with Route53 and ACM and host everything on HTTPS. Here's an article how to do that, but you can find a lot of other ones.
The steps you need:
request a new certificate on ACM (make sure you use the us-east-1 region). Select domain validation, then add the CNAME record to the domain
create a new CloudFront distribution, add the S3 bucket as the origin, select "redirect HTTP to HTTPS", then add the alternate domain name as your domain (example.com) and select the ACM certificate
add an A and an AAAA record in the Route53 hosted zone, make them an ALIAS to the distribution
wait a few minutes and it should work
Using HTTP marks the connection as "Not secure" by the browser and a login form is especially something you want to serve over an encrypted connection. You need to set up CloudFront once, and you can add new files to the S3 bucket.
I currently have my website running at https://www.example.com. I did this by creating an S3 bucket hosting the site called www.example.com, then I created a Cloudfront instance to add SSL.
I then created a CNAME in Godaddy which points to the Cloudfront URL.
If I visit http://example.com, GoDaddy correctly redirects to http://www.example.com, which Cloudfront correctly redirects to https://www.example.com.
HOWEVER, if I visit https://example.com, I get a blank page. How can I make the SSL naked domain redirect to www?
Proved myself wrong in rereading your question:
“Unfortunately, our forwarding servers don't accept HTTPS requests. This is why your forward isn't working. Traffic coming into the forwarding server using the HTTPS protocol won't resolve. The only way you'd be able to set this up is to have the domain hosted on a server where it has an SSL Certificate installed. You could then set up a redirect to point traffic from your old domain to your new one. “
https://www.godaddy.com/community/SSL-And-Security/Forwarding-works-as-long-as-URL-does-not-contain-https/td-p/44951
You should probably just move the domain to route53.
I have decided to switch to HTTPS for my Github pages custom domain, to do so I have followed this tutorial step by step. Namely:
Requested for an SSL in AWS Certificate Manager
Created a CloudFront distribution
Changed my DNS A Record to an alias to that distribution
But for some reason, when accessing christopherkade.com the URL follows the default root object I have set in the distribution (christopherkade.com/index.html) and Firefox gives me the following error The page isn’t redirecting properly and Chrome christopherkade.com redirected you too many times..
Here are my DNS records:
My page is hosted on this repository.
Did I forget something?
I have found a solution, but it required a change in the service used to deliver HTTPS. I sum it up here, but in short:
I now use Cloudflare as my DNS and changed my nameservers on AWS Route 53 to the ones given by Cloudflare after setting up my website.
As you can see christopherkade.com is now served in HTTPS.