[英]AWS Cloudfront alternate domain name 403 forbidden
I have set up a cloudfront distribution successfully and I am able to navigate to the default domain provided by Cloudfront.我已成功设置了 Cloudfront 发行版,并且能够导航到 Cloudfront 提供的默认域。 I have also set up a alternate domain name using AWS Certificate Manager (ACM).我还使用 AWS Certificate Manager (ACM) 设置了备用域名。 The SSL has been issued and verified by the cname record I added. SSL 已通过我添加的 cname 记录颁发和验证。
For the cname entry in Google Domains I am using:对于我使用的 Google Domains 中的 cname 条目:
www CNAME cloudfront-distribution-name.cloudfront.net www CNAME cloudfront-distribution-name.cloudfront.net
When I try to navigate to the alternate domain: domain.com I receive a 403 forbidden network response.当我尝试导航到备用域:domain.com 时,我收到 403 禁止网络响应。 See screenshot below:请看下面的截图:
Note: I set up the cloudfront distribution using a website endpoint as the origin.注意:我使用网站端点作为源设置了 cloudfront 分发。
Here is the origin config:这是原始配置:
Here is the behavior config:这是行为配置:
I resolved the issue.我解决了这个问题。 Go to cloudfront and then under the 'general' tab select edit.转到 cloudfront,然后在“常规”选项卡下选择编辑。 Add a Cert with two domain names:添加具有两个域名的证书:
domain.com
*.domain.com
domain.com
*.domain.com
Add the appropriate CNAME record to verify the SSL cert.添加适当的 CNAME 记录以验证 SSL 证书。 Then add another CNAME record to verify the www.domain.com .然后添加另一个 CNAME 记录以验证www.domain.com 。 It should look something like this in your DNS:它在您的 DNS 中应该如下所示:
Record Name: _2958323dad0598j4cb4e722d0d8k5921.domain.com
记录名称: _2958323dad0598j4cb4e722d0d8k5921.domain.com
Type: CNAME类型:CNAME
Value: _7sk82036f90ffb2be52p922c080174f8.bsgbmzkfwj.acm-validations.aws
值: _7sk82036f90ffb2be52p922c080174f8.bsgbmzkfwj.acm-validations.aws
Note: For certain DNS providers you will not include the .domain.com
portion as this gets automatically added.注意:对于某些 DNS 提供商,您不会包含.domain.com
部分,因为它会自动添加。 (Google domains is one example) (Google 域就是一个例子)
Record Name: www.domain.com
记录名称: www.domain.com
Type: CNAME类型:CNAME
Value: x8k4nz5ok8a8dj.cloudfront.net
值: x8k4nz5ok8a8dj.cloudfront.net
Note: For certain DNS providers you will not include the .domain.com
portion it will just be www
for the CNAME record.注意:对于某些 DNS 提供商,您不会包含.domain.com
部分,它只是 CNAME 记录的www
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.