Hello,
I am having trouble delivering a website using an alternate domain name and https.
I am hosting the static web files in an s3 bucket with the name example-com (using example as example). I do not have this bucket enabled for static website hosting. I read somewhere that if you are using s3 with cloudfront, you should have Static website hosting disabled on the s3 bucket that is hosting the web files, because it is really your cloudfront distribution that is 'acting as the website.'
I also read somewhere that you can't have periods in your s3 bucket name if you link it to cloudfront, so that's why I use example-com and not example.com.
I am using a cloudfront distribution with the Origin domain as example-com.s3.us-east-1.amazonaws.com, Origin access is public, viewer protocol policy is Redirect http to https, alternate domain CNAME are example.com and www.example.com, and I have a valid SSL certificate for this domain in cloudfront. Apparently SNI is implemented by default.
example-com.s3.us-east-1.amazonaws.com/index.html is my Default root object.
When I go to http://www.example.com the website loads fine, with all my files displayed correctly. However, when I go to https://www.example.com the page just spins, and after about 2-3 min. it says can't establish a connection with the site; example.com took too long to respond.
F12 doesn't display the server error.
I have a route 53 hosted zone under example.com with all the CNAME records, ie
www.example.com with value/route to being example.com
randomcharacters1.example.com routing to randomcharacters2.tftwdmzmwn.acm-validation.aws.
randomcharacters3.www.example.com routing to randomcharacters4.tftwdmzmwn.acm-validation.aws.
Ok, I changed the records in Route 53 and now https://www.example.com/index.html & https://example.com/index.html work. The result of openssl s_client -connect www.example.com:443 -prexit is

I fixed my Origin access to Origin access control settings and updated the s3 Bucket policy with the policy that cloudfront suggested under Origin access > Bucket policy > Copy policy. Now, when I go to https://www.example.com and https://example.com I receive a 403 error on f12 on the www.example.com and example.com files. So the complete summary of the browser response is as follows -
https://www.example.com - 403 error
https://example.com - 403 error
https://www.example.com/index.html - displays correctly
https://example.com/index.html - displays correctly
http://www.example.com - redirects to https://example.com - 403 error
http://example.com - redirects to https://example.com - 403 error
http://www.example.com/index.html - redirects to https://www.example.com/index.html - displays correctly
http://example.com/index.html - redirects to https://example.com/index.html - displays correctly
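
An added example, not part of the original post and not AWS code: a Python check over a dict shaped like the CloudFront API's DistributionConfig, flagging a Default root object that is a host or URL rather than a bare object key such as index.html, and an S3 REST origin that has neither OAC nor OAI. The function names, the OAC id and all sample values are constructed assumptions that mirror the settings described in the post.

```python
# Added example. Field names follow the CloudFront API's DistributionConfig;
# every value below is constructed to mirror the settings described in the post.

def is_s3_rest_endpoint(domain):
    # REST endpoints look like <bucket>.s3.<region>.amazonaws.com; website
    # endpoints use "s3-website" and are treated as custom origins instead.
    return ".s3." in domain and domain.endswith(".amazonaws.com")

def lint_distribution(cfg):
    """Return (field, finding) tuples for common S3-origin misconfigurations."""
    findings = []
    root = cfg.get("DefaultRootObject", "")
    if not root:
        findings.append(("DefaultRootObject",
                         "empty: a request for / reaches the origin with no object key"))
    elif root.startswith("/") or "://" in root or "amazonaws.com" in root:
        findings.append(("DefaultRootObject",
                         "expected a bare object key such as index.html, not a host, URL or /path"))
    for origin in cfg.get("Origins", {}).get("Items", []):
        domain = origin.get("DomainName", "")
        oai = origin.get("S3OriginConfig", {}).get("OriginAccessIdentity", "")
        if is_s3_rest_endpoint(domain) and not (origin.get("OriginAccessControlId") or oai):
            findings.append(("Origins",
                             domain + ": no OAC or OAI, so objects must be publicly readable"))
    if cfg.get("DefaultCacheBehavior", {}).get("ViewerProtocolPolicy") == "allow-all":
        findings.append(("ViewerProtocolPolicy", "allow-all also serves content over plain HTTP"))
    return findings

BUCKET_HOST = "example-com.s3.us-east-1.amazonaws.com"

# Constructed: the first configuration described (public origin, host in root object).
AS_DESCRIBED = {
    "Aliases": {"Quantity": 2, "Items": ["example.com", "www.example.com"]},
    "DefaultRootObject": BUCKET_HOST + "/index.html",
    "Origins": {"Items": [{"DomainName": BUCKET_HOST, "S3OriginConfig": {"OriginAccessIdentity": ""}}]},
    "DefaultCacheBehavior": {"ViewerProtocolPolicy": "redirect-to-https"},
}

# Constructed: same distribution with an OAC attached (placeholder id) and a bare key.
CORRECTED = dict(AS_DESCRIBED, DefaultRootObject="index.html", Origins={"Items": [
    {"DomainName": BUCKET_HOST, "OriginAccessControlId": "EXAMPLE-OAC-ID",
     "S3OriginConfig": {"OriginAccessIdentity": ""}}]})

if __name__ == "__main__":
    for name, cfg in (("as described", AS_DESCRIBED), ("corrected", CORRECTED)):
        print(name, lint_distribution(cfg) or "no findings")
```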