I have a domain (example.com) with SSL support. I am having an issue when trying to redirect a request from www.example.com
-> https://example.com
.
The error I get when trying to access www.example.com is:
The request could not be satisfied.
Bad request.
These URLs work (redirect to https://example.com
)
example.com
http://example.com
https://example.com
http://www.example.com
shows that the website is not secure, meaning it does not use the certificate.
S3
I have created 2 S3 buckets example.com & www.example.com (A and B, respectively). Bucket A's Static Website Hosting has enable website hosting pointing to example.com. Bucket B's Static Website Hosting has redirect all requests to example.com.
Cloudfront
I have a distribution with 2 Alternate Domain Names (CNAMEs), example.com and www.example.com. I also have an SSL cert on this dist.
Route 53
I have a hosted zone with 2 A-type aliases, example.com and www.example.com that both point to Cloudfront's distribution (XX.cloudfront.net)
Redirect HTTP to HTTPS Viewers can use both protocols, but HTTP requests are automatically redirected to HTTPS requests. CloudFront returns HTTP status code 301 (Moved Permanently) along with the new HTTPS URL.
You can take it out of the logic equation. You should have 4 "A" type records in your Route 53 for the domain (assuming you have IPv6 enabled in CloudFront): www.domain.com "A" alias record pointing to your CloudFront instance. www.domain.com "AAAA" alias record pointing to your CloudFront instance.
You need to have your content being distributed by Cloudfront. So the content from your S3 bucket will go through Cloudfront before being served. You can find info about how to do it here: Using CloudFront with Amazon S3
Then, for the second part, to have all your data served with https, do the following: Go to CloudFront > Your distribution > behaviour tab > select the first element of the list and click Edit. Then you should be able to see an option for redirecting http to https.
I'm surprised that you're having luck with the SSL endpoints, as it's my understanding that the proper setup is to disable static website hosting on the s3 buckets and make sure all traffic to them is going through Cloudfront. Cloudfront will handle SSL itself, including redirects from HTTP to HTTPS, provided that you configure your Cloudfront origin to only allow HTTPS access via the Origin Protocol Policy
setting.
For setting up the Cloudfront-to-s3 configuration: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCustomOrigins.html
For restricting s3 to be accessible only by Cloudfront: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With