AWS re:Post Knowledge Center Feedback Survey

Help us improve the AWS re:Post Knowledge Center by sharing your feedback in a brief survey. Your input can influence how we create and update our content to better support your AWS journey.

It worked normally in alb, but when connecting to cloudfront, ssl:handshake_failure occurred. What is the reason?

After connecting the domain name to alb and inserting the certificate into alb, payment-related services were provided.

During service, cdn caching was required, so a situation occurred where cloudfront had to be connected to the front end.

I connected cloudfront in front of alb, put the same certificate, matched the tls version, and changed the domain name to confirm normal operation.

However, when connecting to an external payment site An error such as exception:javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure has occurred.

(Connected normally with alb.)

All settings are the same, but I wonder what causes it to work in alb but not in cloudfront.

Topics: Networking & Content Delivery
Tags: Amazon CloudFront Elastic Load Balancing
Language: English

joker

asked 3 years ago396 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

That error could be CloudFront not being able to connect to the origin, in this case the alb. Can you check your origin configuration in CloudFront, and make sure that it is correct? You should be able to correct directly to the alb to rule that out.

Jeremy AWS

answered 3 years ago

joker
3 years ago
Since cloudfront cannot connect to another origin, another listener is connecting to the same cloudfront through the same alb and is serving. Cloudfront's origin configuration and operation are working normally, so the example.com domain is running. Again, the other domain, pay.example.com, is working properly, but the "error exception:javax.net.ssl.sslhandshakeexception: received fatal alert: handshake_failure" is occurring in communication with the external domain.

Relevant content

CloudFront and ALB Integration
rePost-User-7796406
asked 4 years ago
CloudFront Distribution for subdomain to route websocket connection to ALB
Accepted Answer
madmax
asked 2 years ago
Issues Associating Custom Domain with Amazon Managed Grafana Using CloudFront and ALB
Marco
asked 9 months ago
504 error when Cloudfront send https-only request to ALB with specific security group
AWS-User-4501366
asked 4 years ago
How do I resolve ACM certificate errors that occur when I used HTTPS to access my website?
AWS OFFICIALUpdated 2 years ago
How do I troubleshoot a 502 "The request could not be satisfied" error in CloudFront?
AWS OFFICIALUpdated 7 months ago
How do I resolve DNS and routing issues when I connect to Route 53 hosted domains that are mapped to CloudFront distributions?
AWS OFFICIALUpdated 4 months ago
How do I use ACM to troubleshoot the CloudFront distribution "InvalidViewerCertificate" domain name errors?
AWS OFFICIALUpdated 4 months ago
Why do SSL/TLS negotiation errors occur when connecting to an Application Load Balancer over HTTPS, and how can I identify the responsible client IP?
SUPPORT ENGINEER
Sarah Park
published 10 months ago
Correlating CloudFront and ALB Logs for End-to-End Transaction Tracing
EXPERT
Yaniv Rozenboim
published a year ago

It worked normally in alb, but when connecting to cloudfront, ssl:handshake_failure occurred. What is the reason?

Add your answer

Relevant content