使用EC2实例作为来源和自定义域名的Amazon Cloudfront设置
[英]Setup of Amazon Cloudfront with EC2 instance as origin and custom domain name
问题描述
Can you guys help me out in identifying what I am doing wrong in setting up the cloudfront for my ec2 instance (web server) for a custom domain of mine. 
你们能帮我找出我在为我的自定义域设置ec2实例(Web服务器)的Cloudfront时做错了什么。
I am using my domain name (www.example.com) as the origin domain name. 我使用我的域名(www.example.com)作为原始域名。
I have also supplied a certificate to the cloudfront (*.example.com) using ACM. 我还使用ACM向Cloudfront(* .example.com)提供了证书。
The problem I am facing is, when i point out my custom domain name to the cloud fronts domain name in route53 using an alias record. 我面临的问题是,当我使用别名记录将我的自定义域名指向route53中的云前端域名时。
My website responds with an error 502. I'll really appreciate any help. 我的网站显示错误502。非常感谢您的帮助。 I have explored all the content provided by AWS in respect to this but nothing seems to work till now. 我已经探索了AWS提供的与此有关的所有内容,但是到目前为止,似乎没有任何工作。
1 个解决方案
解决方案1
1 已采纳 2019-03-28 11:25:57
Most 502 from CloudFront caused by the SSL communication between CloudFront and Origin. 来自CloudFront的大多数502是由CloudFront与Origin之间的SSL通信引起的。 CloudFront makes sure that your origin: 1.Has Trusted certificate 2. Ciphers matches 3. CloudFront uses the SNI filed in Client hello which is defined as Origin domain name, it most cases if you have cert on EC2 with www.example.com CN, you can forward HOST header and it should solve your problem. CloudFront确保您的来源:1.具有受信任的证书2.密码匹配3. CloudFront使用客户端问候中提交的SNI(定义为来源域名),在大多数情况下,如果您使用www.example.com CN在EC2上拥有证书,您可以转发HOST标头,它应该可以解决您的问题。
- If you don't have HTTPS running on Origin, you can select HTTP only in Origin protocol policy as its bydefault set to Viewer match. 如果没有在Origin上运行HTTPS,则可以在Origin协议策略中选择“仅HTTP”,因为它的默认设置为“查看者匹配”。
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/http-502-bad-gateway.html https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/http-502-bad-gateway.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.