MediaTailor Cloudfront Custom Domain Fails with SSL
I have a fully functioning video distribution flow using S3, MediaTailor & Cloudfront. You can watch it here: https://d3helw5t9nveja.cloudfront.net/v1/master/58a2f0c6b3528a8407e12e2dd992bd221d5afc39/RadFAST1-Channel-Beachfront/radfast1.m3u8
My final task in the workflow is to assign a custom domain to the cloudfront distribution. I am using HTTPS for everything (as most video sites use exclusively https). I have created a SSL certificate in Cloudfront & and added CNAMES to the domain radiantfc.com, www.radiantfc.com and *.radiantfc.com by cutting and pasting from the certificate. Certificate Manager says that these records are successful. See screen shot:
In my Cloudfront distribution my origin is set to HTTPS only / TLSV1.2 and my attached behavior states HTTPS only, GET, HEAD & caching is disabled. I've been clicking around for a few days and can't seem to get this to work. Here's the link with the URL domain replacement - but it's no go: https://radiantfc.com/v1/master/58a2f0c6b3528a8407e12e2dd992bd221d5afc39/RadFAST1-Channel-Beachfront/radfast1.m3u8
Any assistance / ideas / suggestions greatly appreciated!
- Newest
- Most votes
- Most comments
This looks like a DNS error. Querying the apex and www records for your domain does not yield any records. Have you set these up on the correct name servers? The name servers for your domain are currently: ns17.domaincontrol.com ns18.domaincontrol.com
If you have created the records somewhere else, you would need to change the delegation for your domain at the registrar so that the correct name servers are used. Alternatively, create the records on the name servers listed above.
Once you have corrected the DNS issue, things should start working correctly.
Hi,
Is it for channelassembly ? And without CDN - it works well in Theo Test Player
Thanks so much for your input. Yes - channel assembly with programmatic ad insertion. This URL works: https://d3helw5t9nveja.cloudfront.net/v1/master/58a2f0c6b3528a8407e12e2dd992bd221d5afc39/RadFAST1-Channel-Beachfront/radfast1.m3u8
BUT - the same string with the domain replaced in Cloudfront using SSL gets a URL error: https://radiantfc.com/v1/master/58a2f0c6b3528a8407e12e2dd992bd221d5afc39/RadFAST1-Channel-Beachfront/radfast1.m3u8
Again, thanks for any ideas.
Relevant content
- Accepted Answerasked a year ago
- asked 4 years ago
- asked 2 years ago
AWS OFFICIALUpdated 9 months ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
Paul - Thanks so much for your response. Yes, I removed the apex and www records to test if they were conflicting with my CNAME records. I've used the CNAME records provided by the AWS SSL Certificate (for radiantfc.com, www.radiantfc.com and *.radiantfc.com) but I'm still getting the error. It is using the nameservers you mentioned. Frankly, I'm stumped - I'm considering deleting the SSL, creating a new one, repopulating the CNAME records and updating my cloudfront instance. This seems a bit extreme, but I can't think of anything else. Suggestions? (btw - got the same error when the apex and www names were there. Host is GoDaddy).
Thanks, Jock
The CNAME records that Certificate Manager asks you to add are to verify that you own the domain - when you create those, Certificate Manager issues the certificate and you can then associate it with your CloudFront distribution. You also need to create a CNAME record in DNS to point www at your CloudFront distribution so that your viewers can access your content. Please see: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html