Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

CloudFront alternate domain name Certificates

0

My custmer uses Cloudfront to run shops for customers under their own subdomain but also under the mobile subdomain of the customer, which they don't manage themselves.

Before this CloudFront security change they were able to add the alternate domain using only their certificate and then use it to validate and get a Let's Encrypt certificate for the customer subdomain.

Is this still possible through some other means?

Argomenti
ComputazionaliNetworking e distribuzione di contenuti
Tag
Provisioning di siti webAmazon CloudFront
Lingua
English
AWS-User-6336697
posta 5 anni fa386 visualizzazioni
1 Risposta
0
Risposta accettata

I understand that this company (for example shops.com) creates a distribution covering two CNAMEs for each of their customers (customer.shops.com and m.customer.com). Then they ask their customer to point m.customer.com to the created distribution, then they use Lets Encrypt with HTTP validation to issue a certificate covering both domain, and finally they attach the certificate to this distribution using ACM.

That will not work any more with the new security enhancements in CloudFront. I suggest that the customer first issue a certificate using ACM and DNS validation covering both domains (first action from their customer), then creates the distribution with this certificate and finally ask the customer to create the necessary CNAME in their DNS configuration.

profile pictureAWS
ESPERTO
achraf
con risposta 5 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente