MediaTailor Cloudfront Custom Domain Fails with SSL


I have a fully functioning video distribution flow using S3, MediaTailor & Cloudfront. You can watch it here:

My final task in the workflow is to assign a custom domain to the cloudfront distribution. I am using HTTPS for everything (as most video sites use exclusively https). I have created a SSL certificate in Cloudfront & and added CNAMES to the domain, and * by cutting and pasting from the certificate. Certificate Manager says that these records are successful. See screen shot: Enter image description here

In my Cloudfront distribution my origin is set to HTTPS only / TLSV1.2 and my attached behavior states HTTPS only, GET, HEAD & caching is disabled. I've been clicking around for a few days and can't seem to get this to work. Here's the link with the URL domain replacement - but it's no go:

Any assistance / ideas / suggestions greatly appreciated!

demandé il y a un an284 vues
2 réponses

This looks like a DNS error. Querying the apex and www records for your domain does not yield any records. Have you set these up on the correct name servers? The name servers for your domain are currently:

If you have created the records somewhere else, you would need to change the delegation for your domain at the registrar so that the correct name servers are used. Alternatively, create the records on the name servers listed above.

Once you have corrected the DNS issue, things should start working correctly.

répondu il y a un an
  • Paul - Thanks so much for your response. Yes, I removed the apex and www records to test if they were conflicting with my CNAME records. I've used the CNAME records provided by the AWS SSL Certificate (for, and * but I'm still getting the error. It is using the nameservers you mentioned. Frankly, I'm stumped - I'm considering deleting the SSL, creating a new one, repopulating the CNAME records and updating my cloudfront instance. This seems a bit extreme, but I can't think of anything else. Suggestions? (btw - got the same error when the apex and www names were there. Host is GoDaddy).

    Thanks, Jock

  • The CNAME records that Certificate Manager asks you to add are to verify that you own the domain - when you create those, Certificate Manager issues the certificate and you can then associate it with your CloudFront distribution. You also need to create a CNAME record in DNS to point www at your CloudFront distribution so that your viewers can access your content. Please see:



Is it for channelassembly ? And without CDN - it works well in Theo Test Player

répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions