Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

CloudFront alternate domain name Certificates

0

My custmer uses Cloudfront to run shops for customers under their own subdomain but also under the mobile subdomain of the customer, which they don't manage themselves.

Before this CloudFront security change they were able to add the alternate domain using only their certificate and then use it to validate and get a Let's Encrypt certificate for the customer subdomain.

Is this still possible through some other means?

Temas
CálculoRedes y entrega de contenido
Etiquetas
Aprovisionamiento de sitios webAmazon CloudFront
Idioma
English
AWS-User-6336697
preguntada hace 5 años386 visualizaciones
1 Respuesta
0
Respuesta aceptada

I understand that this company (for example shops.com) creates a distribution covering two CNAMEs for each of their customers (customer.shops.com and m.customer.com). Then they ask their customer to point m.customer.com to the created distribution, then they use Lets Encrypt with HTTP validation to issue a certificate covering both domain, and finally they attach the certificate to this distribution using ACM.

That will not work any more with the new security enhancements in CloudFront. I suggest that the customer first issue a certificate using ACM and DNS validation covering both domains (first action from their customer), then creates the distribution with this certificate and finally ask the customer to create the necessary CNAME in their DNS configuration.

profile pictureAWS
EXPERTO
achraf
respondido hace 5 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante