You should use the actual DNS name/names you want for your website on the distribution CNAME settings (make sure you have a proper certificate for them, created on Amazon Certificate Manager for free)
The origin should be using a different DNS name, but no one will be able to see it, as all traffic should be fronted by CloudFront.
You need to make sure your Origin Request policy does not or does include the Host header, depending on the way the application is built, and the hostnames on which it "listens".
Cloudfront eu-south-1 limitations origin domainAccepted Answerasked 8 months ago
Lightsail container as CloudFront Origin returns 404 No Such ServiceAccepted Answerasked 7 months ago
Adding Domain Name to CloudFront DistributionAccepted Answerasked 9 months ago
How do I use Amazon CloudFront with AWS Elastic Beanstalk as the origin?Accepted AnswerEXPERTasked 3 years ago
How is a CloudFront origin deemed unavailable?asked 7 months ago
CloudFront for WordPress Origin same as alternativeAccepted Answerasked 8 months ago
How can I serve a webflow.com blog under a subdirectory of my site using cloudfront/lambda@edge?asked 8 months ago
Creating CloudFront Distribution, where do I enter my domain name?Accepted Answerasked 2 months ago
Can a CloudFront origin be another CloudFront distribution?asked 6 months ago
Custom domain cert + cloudfront + s3 origin, https://www.ex.com/ acc deniedasked 3 years ago